
Enable specific ciphers for TLS handshake for BW 5.13


Tibco Support 5


We are using TRA 5.10, BW 5.13.0 embedded with java version 1.8.0_51 (build 1.8.0_51-b16). The underlying OS is AIX and Linux on different machines. We want Tibco BW to use the below TLSv1.2 GCM ciphers provided by 3rd party SERVER for a successful TLS handshake.

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)

TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) (excluding terminals)

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)

Despite adding the following properties in the application TRA file and installing the JCE security policy, we can see that ciphers proposed by TIBCO BW (acting as CLIENT here) during the handshake with 3rd party SERVER do not have GCM ciphers.

AIX machine:

java.property.TIBCO_SECURITY_VENDOR=ibm

java.property.jdk.tls.client.protocols=TLSv1.2

Linux:

java.property.TIBCO_SECURITY_VENDOR=j2se

java.property.jdk.tls.client.protocols=TLSv1.2

Cipher Suite presented by TIBCO BW

SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256

SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA

SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

SSL_RSA_WITH_AES_128_CBC_SHA256

SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256

SSL_DHE_RSA_WITH_AES_128_CBC_SHA256

SSL_DHE_DSS_WITH_AES_128_CBC_SHA256

SSL_RSA_WITH_AES_128_CBC_SHA

SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA

SSL_ECDH_RSA_WITH_AES_128_CBC_SHA

SSL_DHE_RSA_WITH_AES_128_CBC_SHA

SSL_DHE_DSS_WITH_AES_128_CBC_SHA

SSL_RSA_WITH_3DES_EDE_CBC_SHA

SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA

SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA

SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

Cipher which 3rd party SERVER wants for communication

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)

TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) (excluding terminals)

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)

Log Trace with Error Exception

SSLContextImpl:  Using X509ExtendedKeyManager com.ibm.jsse2.aw

SSLContextImpl:  Using X509TrustManager com.ibm.jsse2.aA

JsseJCE:  Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.8

trigger seeding of SecureRandom

done seeding SecureRandom

IBMJSSE2 will enable CBC protection

JsseJCE:  Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.8

JsseJCE:  Using KeyAgreement ECDH from provider IBMJCE version 1.8

JsseJCE:  Using signature SHA1withECDSA from provider TBD via init

JsseJCE:  Using signature NONEwithECDSA from provider TBD via init

JsseJCE:  Using KeyFactory EC from provider IBMJCE version 1.8

JsseJCE:  Using KeyPairGenerator EC from provider TBD via init

JsseJce:  EC is available

JsseJCE:  Using cipher AES/GCM/NoPadding from provider TBD via init

CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8

JsseJCE:  Using cipher AES/CBC/NoPadding from provider TBD via init

CipherBox:  Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.8

Finalizer thread, called close()

keyStore is: /opt/tibco/tibcojre64/1.8.0/lib/security/cacerts

keyStore type is: jks

keyStore provider is:

init keystore

SSLContextImpl:  Using X509ExtendedKeyManager com.ibm.jsse2.aw

SSLContextImpl:  Using X509TrustManager com.tibco.security.ssl.D.A

trigger seeding of SecureRandom

done seeding SecureRandom

Persistent Connection Manager is Disabled

Persistent Connection Manager is Disabled

Persistent Connection Manager is Disabled

2022 Sep 20 12:22:24:975 GMT +0100 BW.ServiceName-6-Process_Archive Debug [BW-Core]  <= BusinessServices/ServiceName/Interface/JMSRequestReply.process/JMSRequestReplyGroup/CallMain>BusinessServices/ServiceName/Processes/Main.process/MainGroup/3rdPartySOAPCall.eval(Job-499007) returned STAY_HERE

IBMJSSE2 will allow RFC 5746 renegotiation per com.ibm.jsse2.renegotiate set to none or default

IBMJSSE2 will not require renegotiation indicator during initial handshake per com.ibm.jsse2.renegotiation.indicator set to OPTIONAL or default taken

IBMJSSE2 will not perform identity checking against the peer cert check during renegotiation per com.ibm.jsse2.renegotiation.peer.cert.check set to OFF or default

IBMJSSE2 will allow client initiated renegotiation per jdk.tls.rejectClientInitiatedRenegotiation set to FALSE or default

IBMJSSE2 will not allow unsafe server certificate change during renegotiation per jdk.tls.allowUnsafeServerCertChange set to FALSE or default

Is initial handshake: true

MainGroup/3rdPartySOAPCall0, setSoTimeout(61000) called

Ignoring unsupported cipher suite: SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_RSA_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: SSL_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1

%% No cached client session

*** ClientHello, TLSv1.2

RandomCookie:  GMT: 1663607409 bytes = { 60, 105, 116, 42, 69, 63, 166, 163, 120, 8, 198, 114, 42, 39, 130, 36, 124, 78, 125, 104, 84, 187, 134, 220, 38, 65, 208, 1 }

Session ID:  {}

Cipher Suites: [SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_RSA_WITH_AES_128_CBC_SHA256, SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256, SSL_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_DHE_DSS_WITH_AES_128_CBC_SHA256, SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_AES_128_CBC_SHA, SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA]

Compression Methods:  { 0 }

Extension elliptic_curves, curve names: {secp256r1, secp192r1, secp224r1, secp384r1, secp521r1, secp160k1, secp160r1, secp160r2, secp192k1, secp224k1, secp256k1}

Extension ec_point_formats, formats: [uncompressed]

Extension renegotiation_info, ri_length: 0, ri_connection_data: { null }

Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA256withDSA, SHA1withDSA, MD5withRSA

Extension server_name, server_name: [type=host_name (0), value=txn-cst.cxmlpg.com]

***

MainGroup/3rdPartySOAPCall0, WRITE: TLSv1.2 Handshake, length = 185

MainGroup/3rdPartySOAPCall0, READ: TLSv1.2 Alert, length = 2

MainGroup/3rdPartySOAPCall0, RECV TLSv1.2 ALERT:  fatal, handshake_failure

MainGroup/3rdPartySOAPCall0, called closeSocket()

MainGroup/3rdPartySOAPCall0, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

MainGroup/3rdPartySOAPCall0, called close()

MainGroup/3rdPartySOAPCall0, called closeInternal(true)

We have also tried replacing limited strength JCE policy files with JCE Unlimited Strength Jurisdiction policy files and adding the "java.property.https.cipherSuites" property to force TLS handshake via a specific cipher, but it does not seem to work.

How can we achieve the above requirement?

Note: Apart from java properties at the application TRA level, we have not added any filters/constraints in java.security file or anywhere else from TIBCO's perspective.

Thanks in advance.

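A diagnostic for the mismatch described in the post above, added here as an example and not part of the original thread or of any TIBCO tooling: it asks the JRE itself, outside BW, whether each cipher suite the server requires is enabled by default, merely supported, or absent. The class name `CipherCheck` is hypothetical; the suite names are the three listed in the post, and it assumes it is compiled and run with the same JRE that BW uses (the log shows `/opt/tibco/tibcojre64/1.8.0`).

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public class CipherCheck {
    // Suites the third-party server accepts, as listed in the post.
    static final String[] REQUIRED = {
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
    };

    // The IBM JSSE2 trace in the post prints suites with an SSL_ prefix;
    // map every name to the TLS_ form so both vendors compare equal.
    static String canonical(String suite) {
        return suite.startsWith("SSL_") ? "TLS_" + suite.substring(4) : suite;
    }

    static Set<String> canonicalSet(String[] suites) {
        Set<String> out = new HashSet<String>();
        for (String s : suites) out.add(canonical(s));
        return out;
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null); // default key/trust managers and SecureRandom

        SSLParameters def = ctx.getDefaultSSLParameters();
        Set<String> supported =
            canonicalSet(ctx.getSupportedSSLParameters().getCipherSuites());
        Set<String> enabled = canonicalSet(def.getCipherSuites());

        System.out.println("java.version = " + System.getProperty("java.version")
            + ", java.vendor = " + System.getProperty("java.vendor"));
        System.out.println("JSSE provider = " + ctx.getProvider());
        System.out.println("default protocols = " + Arrays.toString(def.getProtocols()));
        for (String suite : REQUIRED) {
            String state = enabled.contains(suite) ? "enabled by default"
                : supported.contains(suite) ? "supported, not enabled by default"
                : "not supported by this JRE";
            System.out.println(suite + ": " + state);
        }
    }
}
```

If a required suite is reported as enabled here but is still missing from the ClientHello in the BW trace, the restriction is being applied above the JRE; if it is reported as not supported, no TRA property will add it and the JRE itself has to change.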

  • 2 weeks later...

Hi,

I see you are using an old version of Java 1.8; installing the latest HF for your current TRA version or installing the latest minor release of TRA 5.10 (5.10.2) might be needed.

Also, the following KB article might help:

https://support.tibco.com/s/article/Tibco-KnowledgeArticle-Article-46235

You may also check the TRA 5.10 HF02 readme file and try the properties below (but before that, make sure to have this HF or a higher version installed):

TRA-3928

TIBCO Runtime Agent now supports additional properties to selectively disable TLS protocols 1.0 through 1.2 which are enabled by default.

The list of all the TLS/SSL properties is as follows. Note that there's a distinct property for client-side sockets and another for server-side ones to allow for better flexibility in controlling the changes.

To disable TLS v1.0, set com.tibco.security.ssl.client.EnableTLSv1 to false as well as com.tibco.security.ssl.server.EnableTLSv1 to false.

To disable TLS v1.1, set com.tibco.security.ssl.client.EnableTLSv11 to false as well as com.tibco.security.ssl.server.EnableTLSv11 to false.

To disable TLS v1.2, set com.tibco.security.ssl.client.EnableTLSv12 to false as well as com.tibco.security.ssl.server.EnableTLSv12 to false.

To disable SSLv2Hello, set com.tibco.security.ssl.server.EnableSSLv2Hello to false. This is only for accepting handshakes from old Java 6 clients.

SSLv3 is set to false by default. To enable SSLv3, set one or both of the properties com.tibco.security.ssl.client.EnableSSLv3 and/or com.tibco.security.ssl.server.EnableSSLv3 to true.
