JDK-8212096 : javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 11,12,13
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2018-10-12
  • Updated: 2024-08-26
  • Resolved: 2022-08-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 17 JDK 19 JDK 20 JDK 8
11.0.18-oracleFixed 17-pool-oracleResolved 19.0.1Fixed 20 b10Fixed 8u361Fixed
Related Reports
Duplicate :  
JDK-8224990 - Tag mismatch, javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java
Duplicate :  
JDK-8227651 - Tests fail with SSLProtocolException: Input record too big
Relates :  
JDK-8224991 - Problemlist javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java
Relates :  
JDK-8224990 - Tag mismatch, javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java
Relates :  
JDK-8238740 - java/net/httpclient/whitebox/FlowTestDriver.java should not specify a TLS protocol
Description
----------System.out:(7/354)----------
resize destination buffer upto 16709 bytes for BUFFER_OVERFLOW
resize source buffer upto 16709 bytes for BUFFER_UNDERFLOW
Record version: TLSv1.2
Hello version: TLSv1.2
resize destination buffer upto 16709 bytes for BUFFER_OVERFLOW
resize destination buffer upto 16709 bytes for BUFFER_OVERFLOW
resize source buffer upto 16709 bytes for BUFFER_UNDERFLOW
----------System.err:(41/2951)----------
javax.net.ssl.SSLException: Tag mismatch!
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:259)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:129)
	at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:672)
	at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:627)
	at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:443)
	at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:422)
	at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:634)
	at SSLEngineService.receive(SSLEngineService.java:167)
	at SSLEngineExplorerMatchedSNI.doServerSide(SSLEngineExplorerMatchedSNI.java:160)
	at SSLEngineExplorerMatchedSNI.startServer(SSLEngineExplorerMatchedSNI.java:369)
	at SSLEngineExplorerMatchedSNI.<init>(SSLEngineExplorerMatchedSNI.java:319)
	at SSLEngineExplorerMatchedSNI.main(SSLEngineExplorerMatchedSNI.java:300)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
	at java.base/java.lang.Thread.run(Thread.java:835)
Caused by: javax.crypto.AEADBadTagException: Tag mismatch!
	at java.base/com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:595)
	at java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1073)
	at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:1003)
	at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:491)
	at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:779)
	at java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730)
	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2497)
	at java.base/sun.security.ssl.SSLCipher$T13GcmReadCipherGenerator$GcmReadCipher.decrypt(SSLCipher.java:1913)
	at java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:240)
	at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197)
	at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
	... 16 more

JavaTest Message: Test threw exception: javax.net.ssl.SSLException: Tag mismatch!
Comments
A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk8u-dev/pull/567 Date: 2024-08-26 08:02:37 +0000
26-08-2024
[jdk8u-fix-request] Approval Request from sendaoYan Backport from jdk11u-dev to jdk8u-dev, to fix the intermittent failure, test fix only, the change has been verified, no risk.
26-08-2024
A pull request was submitted for review. URL: https://git.openjdk.org/jdk11u-dev/pull/1448 Date: 2022-10-12 07:12:50 +0000
12-10-2022
Fix request (19u): Should help to stabilize jdk19u testing. Backport applies cleanly. Passes SAP nightlies.
24-08-2022
A pull request was submitted for review. URL: https://git.openjdk.org/jdk19u/pull/12 Date: 2022-08-23 21:01:39 +0000
23-08-2022
Fix Request (17u). On behalf of Josh Cao <joshcao@amazon.com> Clean test-only fix, patched tests succeed, low risk. Same patch for JDK-8227651 backport.
19-08-2022
A pull request was submitted for review. URL: https://git.openjdk.org/jdk17u-dev/pull/639 Date: 2022-08-18 22:59:44 +0000
18-08-2022
Changeset: 7b029ea6 Author: Daniel JeliƄski <djelinski@openjdk.org> Date: 2022-08-10 18:16:10 +0000 URL: https://git.openjdk.org/jdk/commit/7b029ea6ba1d44d361fdf980816732d8454b8194
10-08-2022
A pull request was submitted for review. URL: https://git.openjdk.org/jdk/pull/9773 Date: 2022-08-05 12:25:36 +0000
05-08-2022
Rajan, would you please check if it is a test bug and retarget it accordingly?
23-01-2019