- Bug
- Resolution: Fixed
- P4
- 8, 26
- None
- master
According to RFC 8446 section 5.4, third paragraph:
"""
Application Data records may contain a zero-length
TLSInnerPlaintext.content if the sender desires. This permits
generation of plausibly sized cover traffic in contexts where the
presence or absence of activity may be sensitive. Implementations
MUST NOT send Handshake and Alert records that have a zero-length
TLSInnerPlaintext.content; if such a message is received, the
receiving implementation MUST terminate the connection with an
"unexpected_message" alert.
"""
However, the server fails with alert(fatal, bad_record_mac) both when receiving encrypted records:
- with content type application_data, in which case it should do nothing
- with content type alert, in which case it should send an alert(fatal, unexpected_record) instead
Server logs contain:
```
javax.net.ssl.SSLHandshakeException: javax.crypto.BadPaddingException: Incorrect inner plaintext: no content type
```
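The receive-side rule from the RFC 8446 section 5.4 text quoted above, written out as an added Java example (not the JDK's code and not the change in the linked commit). Class and method names are hypothetical, the byte arrays are constructed samples of cleartext after successful AEAD decryption, and the exception stands in for sending a fatal alert; the padding-only case follows the same section's guidance for cleartext that has no non-zero octet.

```java
import java.util.Arrays;

// Requires Java 16+ (records). All names here are hypothetical.
public class InnerPlaintextCheck {
    static final int ALERT = 21, HANDSHAKE = 22, APPLICATION_DATA = 23;

    /** Parsed record: real content type plus content with padding removed. */
    record Inner(int type, byte[] content) {}

    /** Stand-in for terminating the connection with unexpected_message. */
    static class UnexpectedMessage extends Exception {
        UnexpectedMessage(String why) { super("unexpected_message: " + why); }
    }

    /** Splits TLSInnerPlaintext (content || type || zeros) per RFC 8446 5.4. */
    static Inner parse(byte[] cleartext) throws UnexpectedMessage {
        int i = cleartext.length - 1;
        while (i >= 0 && cleartext[i] == 0) i--;   // padding is all zero octets
        if (i < 0) throw new UnexpectedMessage("no non-zero octet, so no content type");
        int type = cleartext[i] & 0xff;            // last non-zero octet is the type
        // Index 0 holding the type means the content is empty. That is allowed
        // for application_data (cover traffic) but not for handshake or alert.
        if (i == 0 && (type == HANDSHAKE || type == ALERT))
            throw new UnexpectedMessage("zero-length content in type " + type);
        return new Inner(type, Arrays.copyOfRange(cleartext, 0, i));
    }

    static String describe(byte[] cleartext) {
        try {
            Inner in = parse(cleartext);
            return "type=" + in.type() + " contentLength=" + in.content().length;
        } catch (UnexpectedMessage e) {
            return "fatal alert " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        byte[][] samples = {                 // constructed test inputs
            {APPLICATION_DATA, 0, 0, 0},     // empty application_data plus padding
            {ALERT},                         // alert with empty content
            {HANDSHAKE, 0, 0},               // handshake with empty content plus padding
            {0, 0, 0, 0},                    // padding only
            {'h', 'i', APPLICATION_DATA, 0}, // ordinary application data
        };
        for (byte[] s : samples)
            System.out.println(Arrays.toString(s) + " -> " + describe(s));
    }
}
```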
- links to
  - Commit(master) openjdk/jdk/ba44656b
  - Review(master) openjdk/jdk/27438