Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8169229

RSAClientKeyExchange debug info is incorrect

    XMLWordPrintable

Details

    • b145
    • Not verified

    Backports

      Description

        RFC 2246 defines this message as:

        Structure of this message:
               struct {
                   ProtocolVersion client_version;
                   opaque random[46];
               } PreMasterSecret;

               client_version
                   The latest (newest) version supported by the client. This is
                   used to detect version roll-back attacks.

        Our code isn't properly outputting the debug information for this case.

        For example, our client may request TLSv1.2, but the server might select TLSv1. The client output will print:

        *** ClientKeyExchange, RSA PreMasterSecret, TLSv1>

        instead of:

        *** ClientKeyExchange, RSA PreMasterSecret, TLSv1.2>

        We can still see the right value in the SESSION KEYGEN:

        PreMaster Secret:
        0000: 03 01

        However, if you don't know what you're looking at, you will get the wrong impression.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8169444 RSAClientKeyExchange debug info is incorrect

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8169445 RSAClientKeyExchange debug info is incorrect

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8169446 RSAClientKeyExchange debug info is incorrect

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8183784 RSAClientKeyExchange debug info is incorrect

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8192525 RSAClientKeyExchange debug info is incorrect

            • P3 - Major loss of function.
            • Resolved

            Activity

              People

                wetmore Bradford Wetmore
                wetmore Bradford Wetmore
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: