JDK-8350830 : Values converted incorrectly when reading TLS session tickets
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 17,21,24
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2025-02-27
  • Updated: 2025-05-08
  • Resolved: 2025-05-08
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 25
25 masterFixed
Related Reports
Relates :  
JDK-8211018 - Session Resumption without Server-Side State
Description
Unsigned values converted incorrectly from byte to int when reading TLS session tickets
Comments
Changeset: 2c1eb339 Branch: master Author: nibjen <jena.nibedita@oracle.com> Committer: Daniel JeliƄski <djelinski@openjdk.org> Date: 2025-05-08 09:06:19 +0000 URL: https://git.openjdk.org/jdk/commit/2c1eb339d6c9b6cc6fa4a8780b0e0b8d4d9a5f01
08-05-2025
A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk/pull/24535 Date: 2025-04-09 03:28:40 +0000
09-04-2025
Session resumption without server side state was added under JDK-8211018. While it is TLSv1.2 session resumption, the client hello message is being parsed in SSLSessionImpl for each extensions. Customer has reported handshake failure and is reproducible locally with exception NegativeArraySizeExceptions when there is ServerNameIndication with size > 127. According to RFC 3546, the host_name limit allowed is 255. With a sample testcase when the host_name length is > 127, exception is thrown: javax.net.ssl|DEBUG|71|Thread-1|2025-04-06 17:13:07.278 UTC|ClientHello.java:825|Negotiated protocol version: TLSv1.2 javax.net.ssl|WARNING|71|Thread-1|2025-04-06 17:13:07.281 UTC|SSLSocketImpl.java:1672|handling exception ( "throwable" : { java.lang.NegativeArraySizeException: -1 at java.base/sun.security.ssl.SSLSessionImpl.<init>(SSLSessionImpl.java:399) at java.base/sun.security.ssl.SessionTicketExtension$T12CHSessionTicketConsumer.consume(SessionTicketExtension.java:468) While the SessionTicketExtension explicitly initializes SSLSessionImpl to read and parse the client hello message when negotiated protocol is TLS1.2 and fails with given exception. For TLSv1.3, its not an issue until length > 255. There are other extensions which may need to be taken care of in accordance to their size limit (psk_identity). According to RFC 5077, PSK identity length allowed is <0..2^16-1> Master secret is allowed for 48 bytes - master_secret[48]
09-04-2025