-
Bug
-
Resolution: Unresolved
-
P4
-
None
-
17, 21, 22
-
ppc
-
linux
After sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java was removed from the problem list by JDK-8161536 recently,
it fails intermittent on Linux ppc64le.
Quite a lot of failures can be seen on Linux RHEL 8.5 (using NSS nss-devel.ppc64le 3.67.0-7.el8_5) but also on other OS like SUSE 15 the error
is observed sometimes.
When looking into stdout, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 related failures can be seen.
From different test runs :
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode with RSA client authentication**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode with ECDSA client authentication**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode with RSA client authentication**
stderr show error CKR_ENCRYPTED_DATA_INVALID in the jdk.crypto.cryptoki C code :
javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:132)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:365)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:287)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:204)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1481)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1068)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:975)
at CipherTest$Client.sendRequest(CipherTest.java:273)
at JSSEClient.runTest(JSSEClient.java:74)
at CipherTest$Client.run(CipherTest.java:252)
at java.base/java.lang.Thread.run(Thread.java:1570)
javax.net.ssl.SSLException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:132)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:123)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1481)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1068)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:975)
at CipherTest$Server.handleRequest(CipherTest.java:80)
at JSSEServer$1.run(JSSEServer.java:87)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1570)
Caused by: javax.crypto.AEADBadTagException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.handleException(P11AEADCipher.java:817)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.implDoFinal(P11AEADCipher.java:785)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.engineDoFinal(P11AEADCipher.java:605)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2543)
at java.base/sun.security.ssl.SSLCipher$T12CC20P1305ReadCipherGenerator$CC20P1305ReadCipher.decrypt(SSLCipher.java:2169)
at java.base/sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:264)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
... 9 more
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.C_Decrypt(Native Method)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.implDoFinal(P11AEADCipher.java:770)
... 15 more
java.lang.Exception: *** Test 'Client JSSE - Server JSSE' failed ***
at CipherTest.run(CipherTest.java:209)
at CipherTest.main(CipherTest.java:337)
at ClientJSSEServerJSSE.main(ClientJSSEServerJSSE.java:67)
at PKCS11Test.premain(PKCS11Test.java:867)
at PKCS11Test.testNSS(PKCS11Test.java:486)
at PKCS11Test.main(PKCS11Test.java:186)
at ClientJSSEServerJSSE.main(ClientJSSEServerJSSE.java:57)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1570)
it fails intermittent on Linux ppc64le.
Quite a lot of failures can be seen on Linux RHEL 8.5 (using NSS nss-devel.ppc64le 3.67.0-7.el8_5) but also on other OS like SUSE 15 the error
is observed sometimes.
When looking into stdout, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 related failures can be seen.
From different test runs :
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode with RSA client authentication**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode with ECDSA client authentication**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode**
** Failed TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 in TLSv1.2 mode with RSA client authentication**
stderr show error CKR_ENCRYPTED_DATA_INVALID in the jdk.crypto.cryptoki C code :
javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:132)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:365)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:287)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:204)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1481)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1068)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:975)
at CipherTest$Client.sendRequest(CipherTest.java:273)
at JSSEClient.runTest(JSSEClient.java:74)
at CipherTest$Client.run(CipherTest.java:252)
at java.base/java.lang.Thread.run(Thread.java:1570)
javax.net.ssl.SSLException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:132)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:123)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1481)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1068)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:975)
at CipherTest$Server.handleRequest(CipherTest.java:80)
at JSSEServer$1.run(JSSEServer.java:87)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1570)
Caused by: javax.crypto.AEADBadTagException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.handleException(P11AEADCipher.java:817)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.implDoFinal(P11AEADCipher.java:785)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.engineDoFinal(P11AEADCipher.java:605)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2543)
at java.base/sun.security.ssl.SSLCipher$T12CC20P1305ReadCipherGenerator$CC20P1305ReadCipher.decrypt(SSLCipher.java:2169)
at java.base/sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:264)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
... 9 more
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.C_Decrypt(Native Method)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11AEADCipher.implDoFinal(P11AEADCipher.java:770)
... 15 more
java.lang.Exception: *** Test 'Client JSSE - Server JSSE' failed ***
at CipherTest.run(CipherTest.java:209)
at CipherTest.main(CipherTest.java:337)
at ClientJSSEServerJSSE.main(ClientJSSEServerJSSE.java:67)
at PKCS11Test.premain(PKCS11Test.java:867)
at PKCS11Test.testNSS(PKCS11Test.java:486)
at PKCS11Test.main(PKCS11Test.java:186)
at ClientJSSEServerJSSE.main(ClientJSSEServerJSSE.java:57)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1570)
- relates to
-
JDK-8161536 sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java fails with ProviderException
- Resolved
-
JDK-8333317 Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java failed with: Invalid ECDH ServerKeyExchange signature
- Resolved