JDK-8257825 : Incompatible TLSv1.2 cipher causing handshake_failure
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8u261,11,16
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • Submitted: 2020-12-06
  • Updated: 2020-12-10
  • Resolved: 2020-12-09
Version table
  • JDK 17: Resolved
Related Reports
Duplicate :  
Description
ADDITIONAL SYSTEM INFORMATION :
CentOS Linux release 8.0.1905
MacOS catalina 10.15.7

A DESCRIPTION OF THE PROBLEM :
In this version TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 are incompatible with previous versions.
Some HTTPS sites, for example https://fcm.googleapis.com, return a handshake error when using these two ciphers.

REGRESSION : Last worked in version 8

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 as the only supported cipher to connect to https://fcm.googleapis.com. You will receive a TLS handshake error.


---------- BEGIN SOURCE ----------
import java.io.IOException;
import java.net.InetSocketAddress;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.junit.Test;

public class CipherSuiteHandshakeTest { // wrapper class added so the test method compiles
    @Test
    public void sslSocketTest() throws IOException {
        // Unconnected socket from the default factory; restrict the offer to one ECDHE_RSA GCM suite
        SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
        socket.setEnabledCipherSuites(new String[] {
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        });
        InetSocketAddress socketAddress = new InetSocketAddress("fcm.googleapis.com", 443);
        socket.connect(socketAddress);
        socket.startHandshake(); // fails with fatal alert handshake_failure on affected builds
        socket.close();
    }
}
---------- END SOURCE ----------

FREQUENCY : always



Comments
The observations on Windows 10:
  • JDK 8u261 build 04: Passed
  • JDK 8u261 build 05: Failed, received fatal alert: handshake_failure
  • JDK 11: Failed
  • JDK 16: Failed
10-12-2020

The EDDSA cipher suite works. It looks like an issue of the server. If the supported_versions extension is removed from the client hello handshake message, the connection could be established with ECDHE_RSA cipher suite. The extension should be acceptable or just ignored in a server implementation. But it is not surprising as an implementation may not consider the impact yet. Let's see if we could have a workaround to disable extensions.
09-12-2020
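The reproducer in the description and the comment above both hinge on what the JDK puts into its ClientHello: the server rejects the handshake when the supported_versions extension (type 43 in RFC 8446) is present alongside the ECDHE_RSA GCM suites. The following diagnostic is an added example, not code from the bug report or from the JDK itself. It drives a client-mode SSLEngine through its first wrap() without opening any network connection, parses the resulting ClientHello record, and lists the extension types offered for the report's cipher suite under the default protocol set and under a TLSv1.2-only set. The class and method names and the use of the report's host name purely as SNI input are assumptions; it makes no claim about which result a given JDK build produces.

```java
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

/**
 * Generates the ClientHello a client-mode SSLEngine would send for a given
 * protocol/cipher-suite configuration and lists the extensions it carries.
 * No network connection is made; the engine's first wrap() output is parsed directly.
 */
public class ClientHelloInspector {

    // Host name only seeds the SNI extension; any name works offline (taken from the report).
    static final String HOST = "fcm.googleapis.com";
    static final int SUPPORTED_VERSIONS = 43; // extension type registered in RFC 8446

    /** Returns the raw TLS record the engine emits as its first handshake flight. */
    static byte[] produceClientHello(String[] protocols, String[] suites) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine(HOST, 443);
        engine.setUseClientMode(true);
        if (protocols != null) engine.setEnabledProtocols(protocols);
        if (suites != null) engine.setEnabledCipherSuites(suites);
        engine.beginHandshake();
        ByteBuffer net = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());
        SSLEngineResult r = engine.wrap(ByteBuffer.allocate(0), net);
        if (r.getStatus() != SSLEngineResult.Status.OK || r.bytesProduced() == 0) {
            throw new SSLException("engine did not produce a ClientHello: " + r.getStatus());
        }
        net.flip();
        byte[] out = new byte[net.remaining()];
        net.get(out);
        return out;
    }

    static int u8(byte[] b, int i)  { return b[i] & 0xff; }
    static int u16(byte[] b, int i) { return (u8(b, i) << 8) | u8(b, i + 1); }

    /** Walks the record and handshake headers and returns the extension types in offer order. */
    static List<Integer> extensionTypes(byte[] rec) {
        if (u8(rec, 0) != 0x16 || u8(rec, 5) != 0x01) {
            throw new IllegalArgumentException("not a handshake record carrying a ClientHello");
        }
        int p = 5 + 4;                 // record header (5) + handshake header (4)
        p += 2 + 32;                   // legacy_version + random
        p += 1 + u8(rec, p);           // legacy_session_id
        p += 2 + u16(rec, p);          // cipher_suites
        p += 1 + u8(rec, p);           // legacy_compression_methods
        int end = p + 2 + u16(rec, p); // extensions vector length
        p += 2;
        List<Integer> types = new ArrayList<>();
        while (p + 4 <= end) {
            types.add(u16(rec, p));
            p += 4 + u16(rec, p + 2);  // type(2) + length(2) + data
        }
        return types;
    }

    static void report(String label, String[] protocols, String[] suites) throws Exception {
        List<Integer> types = extensionTypes(produceClientHello(protocols, suites));
        System.out.printf("%-20s supported_versions=%s extensions=%s%n",
                label, types.contains(SUPPORTED_VERSIONS), types);
    }

    public static void main(String[] args) throws Exception {
        String[] gcmSuite = { "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" };
        report("default protocols", null, gcmSuite);
        report("TLSv1.2 only", new String[] { "TLSv1.2" }, gcmSuite);
    }
}
```

Run it under each JDK build listed in the comments to see whether a TLSv1.2-only configuration still emits extension 43; that is the difference between a client that the affected server accepts and one it rejects. JDK 17 and later accept the jdk.tls.client.disableExtensions system property (a comma-separated list of extension names) for exactly this kind of server-side incompatibility, so rerunning with -Djdk.tls.client.disableExtensions=supported_versions shows whether the extension is actually dropped on the JDK in use.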