JDK-8215524 : Finished message validation failure should be decrypt_error alert
- Type: Bug
- Component: security-libs
- Sub-Component: javax.net.ssl
- Affected Version: 11,12,13
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- Submitted: 2018-12-18
- Updated: 2020-11-19
- Resolved: 2019-02-25
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 13 | JDK 8 | Other |
|---|---|---|---|
| 11.0.6-oracleFixed | 13 b10Fixed  |
8u261Fixed |
openjdk8u272Fixed |
Description
When Finished message verification fails, JSSE responds illegal_parameter error alert, like the below,
javax.net.ssl|ERROR|01|main|2018-12-18 10:33:09.490 CST|TransportContext.java:313|Fatal (ILLEGAL_PARAMETER): The Finished message cannot be verified. (
"throwable" : {
javax.net.ssl.SSLHandshakeException: The Finished message cannot be verified.
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
at java.base/sun.security.ssl.Finished$FinishedMessage.<init>(Finished.java:124)
at java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:984)
at java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:859)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:448)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:425)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:178)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:716)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:799)
at java.base/java.io.InputStream.read(InputStream.java:213)
... ...
javax.net.ssl|DEBUG|01|main|2018-12-18 10:36:13.753 CST|SSLSocketOutputRecord.java:71|WRITE: TLS13 alert(illegal_parameter), length = 2
but per RFC 8446 section 6.2, this alert should be decrypt_error.
"decrypt_error: A handshake (not record layer) cryptographic operation failed, including being unable to correctly verify a signature or validate a Finished message or a PSK binder."
Comments
|