JDK-7098735 : TLS 1.1/1.2 fails after handshake with bad record MAC after received data
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 7
  • Priority: P2
  • Status: Closed
  • Resolution: Duplicate
  • OS: linux
  • CPU: x86
  • Submitted: 2011-10-07
  • Updated: 2012-04-30
  • Resolved: 2011-11-09
Related Reports
Duplicate :  
Description
FULL PRODUCT VERSION :
1.7


A DESCRIPTION OF THE PROBLEM :
class:
sun.security.ssl.CipherBox.java

method (line 446):
 int decrypt(ByteBuffer bb) throws BadPaddingException

line 498:

System.arraycopy(buf, pos + blockSize,
                 buf, pos, limit - pos - blockSize);

has to be:

System.arraycopy(buf, pos + blockSize,
                 buf, pos, limit - pos - blockSize + 5);

When the read MAC is compared (e.g. HmacSHA1), the last 5 bytes are wrong, which causes a MAC verification error with a "bad record MAC" message.


REGRESSION.  Last worked in version 7

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use any NIO implementation with TLS 1.1 or TLS 1.2 (SSLEngine.unwrap method).

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
to be fixed as described
ACTUAL -
Cannot use Java 7 with NIO for TLS 1.1/1.2.

ERROR MESSAGES/STACK TRACES THAT OCCUR :
bad record mac

REPRODUCIBILITY :
This bug can be reproduced always.

CUSTOMER SUBMITTED WORKAROUND :
patch jsse.jar with

sun.security.ssl.CipherBox change

Comments
EVALUATION Duplicate of 7031830, closing. Should take into account the bb.arrayOffset, not the 5 bytes of the header.
09-11-2011
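
The evaluation's point about bb.arrayOffset, as an added Java example (not the JDK's code and not the submitter's patch). It assumes `pos` indexes the backing array while `limit` is buffer-relative, which the page does not show; `stripIv`, `record` and `intact` are hypothetical names and the buffers are constructed.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;

public class ArrayOffsetDemo {
    static final int HEADER = 5, BLOCK = 16;   // record header length, cipher block size (constructed)

    // Drop the explicit IV (first BLOCK bytes of the payload) in place and
    // return what remains. 'fix' selects how the copy length is computed.
    static byte[] stripIv(ByteBuffer bb, String fix) {
        byte[] buf = bb.array();
        int pos = bb.arrayOffset() + bb.position();   // index into the backing array
        int limit = bb.limit();                       // index relative to the buffer
        int len;
        switch (fix) {
            case "original": len = limit - pos - BLOCK; break;      // mixes the two index spaces
            case "plus5":    len = limit - pos - BLOCK + 5; break;  // constant from the report
            default:         len = bb.arrayOffset() + limit - pos - BLOCK; // all array-relative
        }
        System.arraycopy(buf, pos + BLOCK, buf, pos, len);
        return Arrays.copyOfRange(buf, pos, bb.arrayOffset() + limit - BLOCK);
    }

    // Constructed record: 'offset' prefix bytes, a 16-byte IV, then payload bytes 1..n.
    static ByteBuffer record(int offset, int n) {
        byte[] raw = new byte[offset + BLOCK + n];
        for (int i = 0; i < n; i++) raw[offset + BLOCK + i] = (byte) (i + 1);
        ByteBuffer whole = ByteBuffer.wrap(raw);
        whole.position(offset);
        return whole.slice();    // arrayOffset() == offset, position() == 0
    }

    // True when the stripped output is exactly the payload 1..n.
    static boolean intact(byte[] out) {
        for (int i = 0; i < out.length; i++) if (out[i] != (byte) (i + 1)) return false;
        return true;
    }

    public static void main(String[] args) {
        for (int offset : new int[] {0, HEADER, 13}) {
            for (String fix : new String[] {"original", "plus5", "arrayOffset"}) {
                String result;
                try { result = intact(stripIv(record(offset, 32), fix)) ? "ok" : "corrupt tail"; }
                catch (IndexOutOfBoundsException e) { result = "out of bounds"; }
                System.out.printf("arrayOffset=%2d %-12s %s%n", offset, fix, result);
            }
        }
    }
}
```

In this model the `+ 5` length is right only when the slice starts exactly 5 bytes into its backing array; at offset 0 it reads past the array, and at any other offset the tail that feeds the MAC check is still stale.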

EVALUATION Very likely this is a duplicate of 7031830, and the submitter's evaluation may be incorrect. If not, please move from incomplete.
12-10-2011

EVALUATION Investigating.
07-10-2011