Unencrypted Finished message should alert unexpected_message immediately


    • Type: Bug
    • Resolution: Not an Issue
    • Priority: P4
    • Affects Version/s: 13
    • Component/s: security-libs

      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.592 CST|SSLSocketInputRecord.java:458|Raw read (
        0000: 16 03 03 00 24 ....$
      )
      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.592 CST|SSLSocketInputRecord.java:213|READ: TLSv1.2 handshake, length = 36
      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.593 CST|SSLSocketInputRecord.java:458|Raw read (
        0000: 14 00 00 20 82 F0 7B 4B CA A1 39 30 DD EA 44 93 ... ...K..90..D.
        0010: A4 D7 70 ED FA 1A 90 E2 6E D1 0A FF 4C 29 68 14 ..p.....n...L)h.
        0020: 24 AE DB E2 $...
      )
      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.593 CST|SSLSocketInputRecord.java:249|READ: TLSv1.2 handshake, length = 36

      In the above case, a plain Finished was received. The content type is Handshake (16), and the associated handshake type is Finished (14).
      In TLS 1.3, this message should be encrypted and wrapped into application data. So this case should raise unexpected_message immediately, and should not try to verify this Finished.

            Assignee:
            Xuelei Fan
            Reporter:
            John Jiang
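
The check the report describes, as an added example (not JDK code and not written by the reporter): it parses the record from the debug dump above and returns unexpected_message for a plaintext handshake record once TLS 1.3 record protection is expected. The function names and the `tls13_keys_active` flag are assumptions made for illustration.

```python
import struct

# TLS constants (RFC 8446): record content types, handshake type, alert code.
CT_ALERT, CT_HANDSHAKE, CT_APPLICATION_DATA = 21, 22, 23
HS_FINISHED = 20
ALERT_UNEXPECTED_MESSAGE = 10

# Bytes copied from the two "Raw read" dumps in the report: header, then body.
RECORD = bytes.fromhex(
    "1603030024"
    "1400002082F07B4BCAA13930DDEA4493"
    "A4D770EDFA1A90E26ED10AFF4C296814"
    "24AEDBE2"
)

def parse_record(data):
    """Split one TLS record into (content_type, legacy_version, fragment)."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, version, length = struct.unpack("!BHH", data[:5])
    if len(data) < 5 + length:
        raise ValueError("truncated record body")
    return ctype, version, data[5:5 + length]

def handshake_header(fragment):
    """Return (msg_type, body_length) from the 4-byte handshake header."""
    if len(fragment) < 4:
        raise ValueError("truncated handshake header")
    return fragment[0], int.from_bytes(fragment[1:4], "big")

def check_record(data, tls13_keys_active):
    """Return the alert code to send, or None if this check does not object.

    tls13_keys_active is a hypothetical flag: True once a TLS 1.3 endpoint
    expects protected records, whose outer type is application_data (23).
    """
    ctype, _version, _fragment = parse_record(data)
    if tls13_keys_active and ctype == CT_HANDSHAKE:
        # Plaintext handshake record where a protected one is required:
        # reject on the outer type alone, without reading verify_data.
        return ALERT_UNEXPECTED_MESSAGE
    return None
```
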