Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Duplicate
Priority: P2
Fix Version/s: None
Affects Version/s: 8, 9
Component/s: security-libs
Labels:

Subcomponent:
javax.crypto
CPU:

x86_64
OS:

solaris_10

Description

FULL PRODUCT VERSION :
java version "1.8.0_131"
Java(TM) SE Runtime Environment (build 1.8.0_131-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.131-b11, mixed mode)

ADDITIONAL OS VERSION INFORMATION :
SunOS solaris 5.11 11.3 i86pc i386 i86pc

A DESCRIPTION OF THE PROBLEM :
When using GCM ciphers on solaris the following exception is generated frequently. This looks like https://bugs.openjdk.java.net/browse/JDK-8081792 but on JDK8.

22:10:10,490 ERROR [org.xnio.listener] (default I/O-1) XNIO001007: A channel event listener threw an exception: java.security.ProviderException: Could not determine buffer size
at javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:843)
at javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730)
at javax.crypto.Cipher.doFinal(Cipher.java:2460)
at sun.security.ssl.CipherBox.decrypt(CipherBox.java:535)
at sun.security.ssl.EngineInputRecord.decrypt(EngineInputRecord.java:200)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:974)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:907)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
at io.undertow.protocols.ssl.ALPNHackSSLEngine.unwrap(ALPNHackSSLEngine.java:265)
at io.undertow.server.protocol.http.ALPNLimitingSSLEngine.unwrap(ALPNLimitingSSLEngine.java:137)
at io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:730)
at io.undertow.protocols.ssl.SslConduit.read(SslConduit.java:567)
at io.undertow.conduits.IdleTimeoutConduit.read(IdleTimeoutConduit.java:202)
at org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127)
at io.undertow.server.protocol.framed.AbstractFramedChannel.receive(AbstractFramedChannel.java:368)
at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:108)
at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:59)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:932)
at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:913)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1129)
at io.undertow.protocols.ssl.SslConduit$1.run(SslConduit.java:168)
at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:588)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:468)
Caused by: javax.crypto.ShortBufferException: Output buffer must be (at least) 11 bytes long. Got: 2
at com.oracle.security.ucrypto.NativeGCMCipher.engineUpdate(NativeGCMCipher.java:293)
at javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:828

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Connect to an SSL endpoint on solaris using a GCM cipher

REPRODUCIBILITY :
This bug can be reproduced often.

CUSTOMER SUBMITTED WORKAROUND :
Remove the ucrypto provider.

Attachments

Issue Links

duplicates

JDK-8179532 buffer size calculation issue in NativeGCMCipher

Closed

relates to

JDK-8081792 buffer size calculation issue in NativeGCMCipher

Closed

Activity

People

Assignee:: Xuelei Fan

Reporter:: Webbug Group

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2017-04-26 05:16

Updated:: 2017-05-02 10:15

Resolved:: 2017-05-02 10:12