JDK-8161984 : Issue with TLS_RSA_WITH_AES Cipher Suite when using Hardtoken HSM like Thales NCipher
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8u92
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2016-07-12
  • Updated: 2016-07-21
  • Resolved: 2016-07-21
Description
FULL PRODUCT VERSION :
java version "1.8.0_77"
Java(TM) SE Runtime Environment (build 1.8.0_77-b03)
Java HotSpot(TM) 64-Bit Server VM (build 25.77-b03, mixed mode)


ADDITIONAL OS VERSION INFORMATION :
Linux 2.6.32-573.22.1.el6.x86_64 #1 SMP Thu Mar 17 03:23:39 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux

EXTRA RELEVANT SYSTEM CONFIGURATION :
Unlimited Strength JCE installed 
Using nfast client libraries to connect with Thales NCipher HSM device

A DESCRIPTION OF THE PROBLEM :
The nfast version (for HSM) being used is:
enquiry, nfuser 2.32.15cam13 built on Jan 28 2011 17:32:18

The HSM device in use is Thales NCIPHER based HSM.

We are seeing issues when using the following cipher suites with the Thales NCIPHER HSM:
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA

When any of the above ciphers are enabled, provided as supported by the client, and chosen for the handshake by the server, we get an error.

Looks like this has been fixed as when we tested with the JDK 1.8.0_112 early access release the problem doesn't happen any more. We would like to know when this fix would be publicly available as part of a general release.


REGRESSION.  Last worked in version 6u45

ADDITIONAL REGRESSION INFORMATION: 
java version "1.8.0_77"
Java(TM) SE Runtime Environment (build 1.8.0_77-b03)
Java HotSpot(TM) 64-Bit Server VM (build 25.77-b03, mixed mode)


STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Just establish an SSL connection with the server with the TLS_RSA cipher suites enabled.

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Should establish SSL successfully 
ACTUAL -
2016-06-21 06:47:05,589  INFO  [SystemOut] qtp706604026-43, fatal error: 80: problem unwrapping net record
javax.net.ssl.SSLProtocolException: Unable to process PreMasterSecret, may be too big



ERROR MESSAGES/STACK TRACES THAT OCCUR :
2016-06-21 06:47:05,589  INFO  [SystemOut] qtp706604026-43, fatal error: 80: problem unwrapping net record
javax.net.ssl.SSLProtocolException: Unable to process PreMasterSecret, may be too big
2016-06-21 06:47:05,589  INFO  [SystemOut] %% Invalidated:  [Session-3228, TLS_RSA_WITH_AES_128_CBC_SHA]
2016-06-21 06:47:05,589  INFO  [SystemOut] qtp706604026-43
2016-06-21 06:47:05,589  INFO  [SystemOut] , SEND TLSv1 ALERT:
2016-06-21 06:47:05,589  INFO  [SystemOut] fatal,
2016-06-21 06:47:05,589  INFO  [SystemOut] description = internal_error
2016-06-21 06:47:05,589  INFO  [SystemOut] qtp706604026-43, WRITE: TLSv1 Alert, length = 2


REPRODUCIBILITY :
This bug can be reproduced always.

SUPPORT :
YES


Comments
This is a duplicate of JDK-8149017 which is fixed in JDK 8u102. Please download the latest release from http://www.oracle.com/technetwork/java/javase/downloads/index.html
15-07-2016
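
A log-triage sketch for the failure signature in the trace above, added here as an example; it is not part of the bug report or of the JDK. It pairs each "Unable to process PreMasterSecret" exception with the "%% Invalidated" session line that follows it and counts failures per RSA key-exchange suite. The sample lines beyond the report's own, the function names and the four-line window are assumptions.

```python
import re
from collections import Counter

# Constructed sample: the first failure reuses line shapes from the report's
# trace; every other line is invented for illustration.
SAMPLE_LOG = """\
2016-06-21 06:47:05,589  INFO  [SystemOut] qtp706604026-43, fatal error: 80: problem unwrapping net record
javax.net.ssl.SSLProtocolException: Unable to process PreMasterSecret, may be too big
2016-06-21 06:47:05,589  INFO  [SystemOut] %% Invalidated:  [Session-3228, TLS_RSA_WITH_AES_128_CBC_SHA]
2016-06-21 06:47:05,589  INFO  [SystemOut] description = internal_error
2016-06-21 06:47:09,101  INFO  [SystemOut] %% Invalidated:  [Session-3229, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
2016-06-21 06:47:12,330  INFO  [SystemOut] qtp706604026-51, fatal error: 80: problem unwrapping net record
javax.net.ssl.SSLProtocolException: Unable to process PreMasterSecret, may be too big
2016-06-21 06:47:12,330  INFO  [SystemOut] %% Invalidated:  [Session-3230, TLS_RSA_WITH_AES_256_CBC_SHA256]
"""

SIGNATURE = "SSLProtocolException: Unable to process PreMasterSecret"
INVALIDATED = re.compile(r"%% Invalidated:\s+\[(Session-\d+),\s*([A-Z0-9_]+)\]")
WINDOW = 4  # assumption: the session line follows the exception within a few lines


def premaster_failures(log_text, window=WINDOW):
    """Return (session, suite) for each handshake that died with the signature."""
    hits, remaining = [], 0
    for line in log_text.splitlines():
        if SIGNATURE in line:
            remaining = window          # start looking for the session line
            continue
        if remaining:
            m = INVALIDATED.search(line)
            if m:
                hits.append(m.groups())
                remaining = 0           # one session per exception
            elif line.strip():
                remaining -= 1          # blank lines do not use up the window
    return hits


def suites_affected(log_text):
    """Count failures per cipher suite, keeping only TLS_RSA_* suites."""
    return Counter(s for _, s in premaster_failures(log_text)
                   if s.startswith("TLS_RSA_"))


if __name__ == "__main__":
    for suite, n in suites_affected(SAMPLE_LOG).items():
        print(f"{n} PreMasterSecret failure(s) on {suite}")
```

Session invalidations that do not follow the exception, such as Session-3229 in the sample, are ignored, so the counts reflect only handshakes that failed with this signature.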