Bug
Resolution: Unresolved
P4
None
8
ADDITIONAL SYSTEM INFORMATION :
Windows/openjdk version "1.8.0_292"
A DESCRIPTION OF THE PROBLEM :
For some sites (e.g. https://www.google.com - BoringSSL), SSL Handshake fails for TLSv1.3 only when ciphersuites are set manually via jdk.tls.client.cipherSuites. With the same set of ciphersuites, the SSL handshake is working for other sites (e.g. https://www.oracle.com)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Set jdk.tls.client.protocols to "TLSv1.3, TLSv1.2"
2. Set jdk.tls.client.cipherSuites with some ciphersuites
3. Open a HTTPS URL Connection to https://www.google.com
Note: When jdk.tls.client.protocols=TLSv1.3 and jdk.tls.client.enableStatusRequestExtension=true, the SSL handshake is working fine for the same set of ciphersuites. It's only when jdk.tls.client.protocols=TLSv1.3,TLSv1.2 that it is not working.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Successful SSL handshake
ACTUAL -
javax.net.ssl|FINE|01|main|2021-07-16 10:07:12.569 IST|SSLCipher.java:438|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.475 IST|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=www.google.com) was replaced with (type=host_name (0), value=www.google.com)
javax.net.ssl|WARNING|01|main|2021-07-16 10:07:13.621 IST|SignatureScheme.java:297|Signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|01|main|2021-07-16 10:07:13.621 IST|SignatureScheme.java:297|Signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|INFO|01|main|2021-07-16 10:07:13.627 IST|AlpnExtension.java:161|No available application protocols
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.630 IST|SSLExtensions.java:260|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.631 IST|SSLExtensions.java:260|Ignore, context unavailable extension: cookie
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.645 IST|PreSharedKeyExtension.java:634|No session to resume.
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.645 IST|SSLExtensions.java:260|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.649 IST|ClientHello.java:575|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "60 A4 2C 72 81 40 C2 CA 20 B0 E3 6E 1B 79 EF 58 F6 DD C9 50 B1 B9 16 27 CE E1 68 E1 02 7B B6 70",
"session id" : "DE 1D B1 59 08 FA BA 71 40 AC BF FA 84 82 0B 36 AB 61 65 E9 0C 37 E4 EC 79 D6 07 6C E4 9B E6 C5",
"cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D)]",
"compression methods" : "00",
"extensions" : [
"server_name (0)": {
type=host_name (0), value=www.google.com
},
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"key_share (51)": {
"client_shares": [
{
"named group": secp256r1
"key_exchange": {
0000: 04 CE 12 71 2B CE 1F 20 25 9C 4E 23 79 D2 70 1A ...q+.. %.N#y.p.
0010: 3E C3 3D 2D 24 DB 80 35 DD 9D 16 8A D8 17 2D 0E >.=-$..5......-.
0020: 80 19 A2 57 E2 15 E2 FD 97 9C A6 25 8A D8 24 5B ...W.......%..$[
0030: 0E 2B 8F D6 1B 77 FD 11 0B E1 80 4C 67 AF A6 B0 .+...w.....Lg...
0040: FB
}
},
]
},
"renegotiation_info (65,281)": {
"renegotiated connection": [<no renegotiated connection>]
}
]
}
)
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.776 IST|Alert.java:238|Received alert message (
"Alert": {
"level" : "fatal",
"description": "handshake_failure"
}
---------- BEGIN SOURCE ----------
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;

public class TestHTTPS {
    public static void main(String[] args) {
        try {
            String urlStr = "https://www.google.com";
            //String urlStr = "https://www.youtube.com";
            // JSSE reads these client properties when it initialises, so set them before the first connection.
            System.setProperty("jdk.tls.client.protocols","TLSv1.3, TLSv1.2");
            //System.setProperty("jdk.tls.client.enableStatusRequestExtension","true");
            System.setProperty("jdk.tls.client.cipherSuites","TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384");
            // Enable the handshake trace shown under ACTUAL.
            System.setProperty("javax.net.debug", "ssl:handshake");
            URL url = new URL(urlStr);
            URLConnection conn = url.openConnection();
            // getInputStream() opens the connection and performs the TLS handshake.
            InputStream inp = conn.getInputStream();
            System.out.println("Connected:");
            inp.close();
        }
        catch(Exception e) {
            e.printStackTrace();
        }
    }
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Upgrade to OpenJDK11. But I want to know if the issue can be fixed in OpenJDK8.
FREQUENCY : always
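Added example (not part of the original report and not JDK code): a small Python parser for the javax.net.debug output shown under ACTUAL. It extracts the offered cipher suites, the per-extension lists and any alerts, then applies two RFC 8446 consistency checks that matter when jdk.tls.client.cipherSuites is set by hand. SAMPLE_LOG is a constructed, abridged copy of the report's log, and the function names parse_debug_log and triage are illustrative.

```python
import re
# Constructed sample: abridged from the javax.net.debug output in the report above.
SAMPLE_LOG = '''\
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.649 IST|ClientHello.java:575|Produced ClientHello handshake message (
"cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C)]",
"supported_groups (10)": {
"versions": [secp256r1, secp384r1]
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2]
"key_share (51)": {
"named group": secp256r1
javax.net.ssl|FINE|01|main|2021-07-16 10:07:13.776 IST|Alert.java:238|Received alert message (
"level" : "fatal",
"description": "handshake_failure"
'''
EXT = re.compile(r'^"(\w+) \(([\d,]+)\)": \{')   # extension header, e.g. "key_share (51)": {
LIST = re.compile(r'^"versions": \[(.*)\]')      # the log prints groups under "versions" too

def parse_debug_log(text):
    """Return (client_hello, alerts) parsed from javax.net.debug handshake output."""
    hello = {"suites": {}, "extensions": [], "lists": {}, "key_shares": []}
    alerts, section, ext = [], None, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("javax.net.ssl|"):     # every log record resets the context
            section = ("hello" if "Produced ClientHello" in line else
                       "alert" if "Received alert message" in line else None)
            if section == "alert":
                alerts.append({})
        elif section == "alert" and (m := re.match(r'"(level|description)"\s*:\s*"([^"]+)"', line)):
            alerts[-1][m.group(1)] = m.group(2)
        elif section == "hello":
            if line.startswith('"cipher suites"'):
                hello["suites"] = {n: int(c, 16) for n, c in re.findall(r'(\w+)\((0x[0-9A-Fa-f]{4})\)', line)}
            elif m := EXT.match(line):
                hello["extensions"].append(ext := m.group(1))
            elif (m := LIST.match(line)) and ext:  # attribute the list to the enclosing extension
                hello["lists"][ext] = [v.strip() for v in m.group(1).split(",")]
            elif line.startswith('"named group"'):
                hello["key_shares"].append(line.split(":", 1)[1].strip())
    return hello, alerts

def triage(hello, alerts):
    """RFC 8446 consistency checks on the offer, followed by any alerts the peer sent."""
    lists, findings = hello["lists"], []
    tls13 = [n for n, c in hello["suites"].items() if c >> 8 == 0x13]  # 0x13xx = TLS 1.3 suites
    if "TLSv1.3" in lists.get("supported_versions", []) and not tls13:
        findings.append("TLSv1.3 offered without any TLS 1.3 (0x13xx) cipher suite")
    findings += [f"key_share group {g} not in supported_groups"
                 for g in hello["key_shares"] if g not in lists.get("supported_groups", [])]
    return findings + [f"{a.get('level')} alert: {a.get('description')}" for a in alerts]
```

The ClientHello in the report passes both checks, so the only finding for it is the server's fatal handshake_failure alert.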
- backport of: JDK-8235874 The ordering of Cipher Suites is not maintained provided through “jdk.tls.client.cipherSuites” and “jdk.tls.server.cipherSuites” system property. (Resolved)
- relates to: JDK-8241360 BoringSSL rejects JSSE TLS 1.3 https connections when status_request extension is disabled (Open)