Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Duplicate
Priority: P3
Fix Version/s: None
Affects Version/s: 7
Component/s: security-libs
Labels:
None

Subcomponent:
java.security

Description

FULL PRODUCT VERSION :
java version " 1.7.0_10 "
Java(TM) SE Runtime Environment (build 1.7.0_10-b18)
Java HotSpot(TM) 64-Bit Server VM (build 23.6-b04, mixed mode)

Confirmed this on _15 as well.

ADDITIONAL OS VERSION INFORMATION :
Linux host1 2.6.32-279.1.1.el6.x86_64 #1 SMP Tue Jul 10 13:47:21 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

A DESCRIPTION OF THE PROBLEM :
When negotiation using DHE with TLS, occasionally the " server " side of the exchange will incorrectly handle data being received relating to the padding and believe instead that the data is corrupt.

This will cause the connection to be dropped.

See: https://forums.oracle.com/forums/thread.jspa?threadID=2504695
See: https://forums.oracle.com/forums/thread.jspa?threadID=1531782

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Step by step process (including sample code) is described in the above links.

REPRODUCIBILITY :
This bug can be reproduced often.

CUSTOMER SUBMITTED WORKAROUND :
In order to have reliable TLS handshakes, Diffie Hellman key exchanges must be disabled.

Attachments

Issue Links

duplicates

JDK-8014618 Need to strip leading zeros in TlsPremasterSecret of DHKeyAgreement

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Webbug Group

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2013-04-04 01:07

Updated:: 2013-10-25 03:39

Resolved:: 2013-10-25 03:39