JDK-8265351 : Release Note: Improve Encoding of TLS Application-Layer Protocol Negotiation (ALPN) Values
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8u301,11.0.12-oracle
  • Priority: P4
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2021-04-16
  • Updated: 2021-12-23
  • Resolved: 2021-12-23
Description
Certain TLS ALPN values couldn't be properly read or written by the SunJSSE provider. This is due to the choice of Strings as the API interface and the undocumented internal use of the UTF-8 character set which converts characters larger than U+00007F (7-bit ASCII) into multi-byte arrays that may not be expected by a peer.

SunJSSE now encodes/decodes String characters as 8-bit ISO_8859_1/LATIN-1 characters. This means applications that used characters above U+000007F that were previously encoded using UTF-8 may need to either be modified to perform the UTF-8 conversion, or set the Java security property *`jdk.tls.alpnCharset`* to "UTF-8" revert the behavior.

See the updated guide at https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/alpn.html for more information.