- Bug
- Resolution: Fixed
- P3
- 8u45
- x86
- os_x
FULL PRODUCT VERSION :
java version "1.8.0_45"
Java(TM) SE Runtime Environment (build 1.8.0_45-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.45-b02, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Darwin bjansen-inuyasha.dev.tripwire.com 14.4.0 Darwin Kernel Version 14.4.0: Thu May 28 11:35:04 PDT 2015; root:xnu-2782.30.5~1/RELEASE_X86_64 x86_64
EXTRA RELEVANT SYSTEM CONFIGURATION :
This seems to be the case for all platforms running Java 8
A DESCRIPTION OF THE PROBLEM :
When the SunJSSE provider is put into FIPS mode, it is documented as allowing these anonymous cipher suites:
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/FIPS.html
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
However, in the Java 8 implementation of sun.security.ssl.CipherSuite, these suites have been added to the set that are disallowed in FIPS mode.
In Java 7, these suites are available, as stated in the documentation.
In the OpenJDK source from Mercurial, you can see the difference at
Allowed: http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/931fb59eae26/src/share/classes/sun/security/ssl/CipherSuite.java#l1038
add("TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
0xC019, --p, K_ECDH_ANON, B_AES_256, T);
Disallowed: http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/d8d037a7569e/src/share/classes/sun/security/ssl/CipherSuite.java#l1165
add("TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
0xC019, --p, K_ECDH_ANON, B_AES_256, N);
REGRESSION. Last worked in version 7u79
ADDITIONAL REGRESSION INFORMATION:
The anonymous cipher suites work on:
java version "1.7.0_79"
Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)
I have not yet fully narrowed down the exact release in which this behavior changed.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Configure SunJSSE for FIPS mode per http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/FIPS.html
2. Create an SSLSocket and call: socket.setEnabledCipherSuites(new String[] {"TLS_ECDH_anon_WITH_AES_256_CBC_SHA"})
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The SSLSocket is configured to use the TLS_ECDH_anon_WITH_AES_256_CBC_SHA cipher suite.
ACTUAL -
SSLSocket#setEnabledCipherSuites() throws an exception when given TLS_ECDH_anon_WITH_AES_256_CBC_SHA
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.IllegalArgumentException: Unsupported ciphersuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA
at sun.security.ssl.CipherSuite.valueOf(CipherSuite.java:237)
at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:82)
at sun.security.ssl.SSLSocketImpl.setEnabledCipherSuites(SSLSocketImpl.java:2419)
REPRODUCIBILITY :
This bug can be reproduced always.
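The reproduction steps above can be turned into a small probe. This is an added example, not code from the report or from the JDK; the class name AnonSuiteProbe is hypothetical, and it assumes the JVM has already been configured for FIPS mode as in step 1.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;

// Added example, not code from the report. The class name is hypothetical.
public class AnonSuiteProbe {

    // The three suite names listed in the report.
    static final String[] SUITES = {
        "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
        "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
        "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
    };

    // Maps each suite to "accepted" or to the message of the exception
    // that setEnabledCipherSuites() threw for it.
    static Map<String, String> probe(SSLContext ctx) throws Exception {
        Map<String, String> result = new LinkedHashMap<>();
        // Unconnected socket: nothing is sent on the network.
        try (SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket()) {
            for (String suite : SUITES) {
                try {
                    socket.setEnabledCipherSuites(new String[] {suite});
                    result.put(suite, "accepted");
                } catch (IllegalArgumentException e) {
                    result.put(suite, "rejected: " + e.getMessage());
                }
            }
        }
        return result;
    }

    public static void main(String[] args) throws Exception {
        // Uses whatever provider configuration the JVM was started with;
        // FIPS mode itself must already be set up as in step 1.
        SSLContext ctx = SSLContext.getDefault();
        System.out.println("JSSE provider: " + ctx.getProvider());
        System.out.println("Runtime: " + System.getProperty("java.version"));
        boolean listed = Arrays.asList(
                ctx.getSupportedSSLParameters().getCipherSuites())
                .contains(SUITES[2]);
        System.out.println(SUITES[2] + " in supported list: " + listed);
        probe(ctx).forEach((suite, status) ->
                System.out.println(suite + " -> " + status));
    }
}
```

On the configuration described in the report, the line for TLS_ECDH_anon_WITH_AES_256_CBC_SHA is expected to carry the "Unsupported ciphersuite" message from the stack trace above. Because anonymous suites skip peer authentication, the same probe also serves as a check that a deployment does not accept them.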
- relates to
- JDK-8186096 Remove the experimental SunJSSE FIPS mode document
- Closed