JDK-8225678 : sun/security/pkcs11/tls/tls12/FipsModeTLS12.java fails due to SSLProtocolException
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 13
  • Priority: P2
  • Status: Resolved
  • Resolution: Duplicate
  • OS: linux
  • CPU: x86_64
  • Submitted: 2019-06-12
  • Updated: 2019-06-18
  • Resolved: 2019-06-18
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 13
13Resolved
Related Reports
Duplicate :  
JDK-8226338 - Updates to Stateless Resumption
Relates :  
JDK-8225730 - Add sun/security/pkcs11/tls/tls12/FipsModeTLS12.java to ProblemList for linux
Relates :  
JDK-8225739 - sun/security/pkcs11/tls/tls12/FipsModeTLS12.java is not reliable
Relates :  
JDK-8211018 - Session Resumption without Server-Side State
Description
The following test failure was spotted in the JDK13 CI:

sun/security/pkcs11/tls/tls12/FipsModeTLS12.java

Here's a snippet of the log file:

----------System.err:(39/2839)----------
javax.net.ssl.SSLProtocolException
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:325)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:268)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
	at java.base/sun.security.ssl.SessionTicketExtension$SessionTicketSpec.encrypt(SessionTicketExtension.java:289)
	at java.base/sun.security.ssl.NewSessionTicket$T12NewSessionTicketProducer.produce(NewSessionTicket.java:459)
	at java.base/sun.security.ssl.Finished$T12FinishedProducer.onProduceFinished(Finished.java:449)
	at java.base/sun.security.ssl.Finished$T12FinishedProducer.produce(Finished.java:382)
	at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:440)
	at java.base/sun.security.ssl.Finished$T12FinishedConsumer.onConsumeFinished(Finished.java:636)
	at java.base/sun.security.ssl.Finished$T12FinishedConsumer.consume(Finished.java:536)
	at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:445)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:420)
	at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
	at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:700)
	at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:655)
	at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:470)
	at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:446)
	at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:634)
	at FipsModeTLS12$testTLS12SunPKCS11Communication.run(FipsModeTLS12.java:318)
	at FipsModeTLS12.main(FipsModeTLS12.java:99)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:567)
	at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
	at java.base/java.lang.Thread.run(Thread.java:830)
Caused by: java.lang.NullPointerException
	at java.base/sun.security.ssl.SSLSessionImpl.write(SSLSessionImpl.java:540)
	at java.base/sun.security.ssl.SessionTicketExtension$SessionTicketSpec.encrypt(SessionTicketExtension.java:276)
	... 24 more

JavaTest Message: Test threw exception: javax.net.ssl.SSLProtocolException
JavaTest Message: shutting down test

STATUS:Failed.`main' threw exception: javax.net.ssl.SSLProtocolException

Because this is a Tier2 failure, I'm starting this one out at P3.
Comments
This fix in integrated into JDK-8226338
18-06-2019
Cause is JDK-8211018 so added a link to it and removed previous link.
13-06-2019
SSLSessionImpl.write() 539 b = getMasterSecret().getEncoded(); masterSecret may be not extractable and thus the encode could be null.
13-06-2019
Although a different failure mode this seems possibly related to JDK-8224954. Though having looked closer at both issues I now think that unlikely. This failure seems more basic.
12-06-2019