JDK-8207237 : SSLSocket#setEnabledCipherSuites is accepting empty string
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 11
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2018-07-13
  • Updated: 2020-11-23
  • Resolved: 2018-07-25

JDK 11          JDK 8          Other
11 b25 Fixed    8u261 Fixed    openjdk8u272 Fixed

Description
Specification of SSLSocket#setEnabledCipherSuites says,
"Throws: IllegalArgumentException - when one or more of the ciphers named by the parameter is not supported, or when the parameter is null."

However, 

With JDK b20 (refer to [1] for code),
SSLSocket#setEnabledCipherSuites(new String[] {""})  // empty string
is accepted and does not throw IllegalArgumentException.

With JDK b15 (refer to [2] for code),
SSLSocket#setEnabledCipherSuites(new String[] {""}) throws IllegalArgumentException.

[1]
=========
JDK-11\20\jdk-11\bin\jshell
|  Welcome to JShell -- Version 11-ea
|  For an introduction type: /help intro

jshell> import javax.net.ssl.*

jshell> SSLContext ctx = SSLContext.getInstance("TLS")
ctx ==> javax.net.ssl.SSLContext@7113b13f

jshell> ctx.init(null,null,null)

jshell> SSLSocket sslSocket = (SSLSocket)ctx.getSocketFactory().createSocket()
sslSocket ==> Socket[unconnected]

jshell> sslSocket.setEnabledCipherSuites(new String[]{""})

jshell>
=========

[2]
=========
JDK-11\15\jdk-11\bin\jshell
|  Welcome to JShell -- Version 11-ea
|  For an introduction type: /help intro

jshell> import javax.net.ssl.*

jshell> SSLContext ctx = SSLContext.getInstance("TLS")
ctx ==> javax.net.ssl.SSLContext@587d1d39

jshell> ctx.init(null,null,null)

jshell> SSLSocket sslSocket = (SSLSocket) ctx.getSocketFactory().createSocket()
sslSocket ==> 73d4cc9e[SSL_NULL_WITH_NULL_NULL: Socket[unconnected]]

jshell> sslSocket.setEnabledCipherSuites(new String[] {""} )
|  Exception java.lang.IllegalArgumentException: Unsupported ciphersuite
|        at CipherSuite.valueOf (CipherSuite.java:283)
|        at CipherSuiteList.<init> (CipherSuiteList.java:82)
|        at SSLSocketImpl.setEnabledCipherSuites (SSLSocketImpl.java:2473)
|        at (#5:1)
=========
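
One way to pin this behaviour down in application code, as an added example that is not part of the bug report or the JDK: `CipherSuiteCheck`, `setValidatedCipherSuites`, `rejects` and `newSocket` are hypothetical names. The helper checks each requested name against `getSupportedCipherSuites()` before calling the setter, and `main` compares the raw setter with the helper on the empty-string input from the report.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import java.util.*;

public class CipherSuiteCheck {

    // Hypothetical helper (not a JDK API): enforce the documented contract
    // ourselves, so the outcome does not depend on the JDK build in use.
    static void setValidatedCipherSuites(SSLSocket socket, String[] suites) {
        if (suites == null) {
            throw new IllegalArgumentException("cipher suite array is null");
        }
        Set<String> supported = new HashSet<>(Arrays.asList(socket.getSupportedCipherSuites()));
        for (String name : suites) {
            // Rejects null elements, "" and any name the provider does not list.
            if (!supported.contains(name)) {
                throw new IllegalArgumentException("Unsupported cipher suite: \"" + name + "\"");
            }
        }
        socket.setEnabledCipherSuites(suites);
    }

    // True when the call throws IllegalArgumentException, as the spec requires.
    static boolean rejects(Runnable call) {
        try {
            call.run();
            return false;
        } catch (IllegalArgumentException expected) {
            return true;
        }
    }

    // Same setup as the jshell sessions in the report: default TLS context,
    // unconnected socket.
    static SSLSocket newSocket() throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, null, null);
        return (SSLSocket) ctx.getSocketFactory().createSocket();
    }

    public static void main(String[] args) throws Exception {
        String[] empty = {""};   // the input from the report
        try (SSLSocket a = newSocket(); SSLSocket b = newSocket()) {
            System.out.println("JDK setter rejects {\"\"}: "
                    + rejects(() -> a.setEnabledCipherSuites(empty)));
            System.out.println("helper rejects {\"\"}:     "
                    + rejects(() -> setValidatedCipherSuites(b, empty)));
        }
    }
}
```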

Comments
Test Case: api/javax_net/ssl/SSLSocket/index.html#cipherSuites[cipherSuites003]
Test OS: Solaris sparc
11b20: Reproduced
11b25: Verified
17-08-2018