Monday, July 25, 2016

TLS v1.2 support in Java 6

According to Oracle Doc:
JDK 6 release supports TLS v1. See:
http://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider
JDK 6 supports TLS 1.1 as well since JDK 6u111.
http://www.oracle.com/technetwork/java/javase/overview-156328.html#R160_111
JDK 7 release supports TLS v1, TLS v1.1 and TLS v1.2. See:
https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider

In fact, TLS 1.2 is available in Java 6: "TLS v1.2 is now a TLS protocol option with the release of JDK 6u121" or maybe even in 6u115 b32 (copy and paste issue?)
http://www.oracle.com/technetwork/java/javase/overview-156328.html
enabled with -Djdk.tls.client.protocols="TLSv1.2"

To test if you have TLSv1.2 support:
public class TLSTest  {
        public static void main(String[] args) throws Exception {
                System.out.println("before TLSv1.1");
                SSLContext ctx = SSLContext.getInstance("TLSv1.1");
                System.out.println("before TLSv1.2");
                ctx = SSLContext.getInstance("TLSv1.2");
                System.out.println("after");
        }

}

and run with
java -Djdk.tls.client.protocols="TLSv1.1,TLSv1.2" TLSTest

if you get "Exception in thread "main" java.security.NoSuchAlgorithmException: TLSv1.2 SSLContext not available" then you are screwed.


No comments: