[8u] RFR : TLSv1.3 protocol support

Alexey Bakhtin alexey at azul.com
Wed Apr 1 20:35:30 UTC 2020


Hello All,

I’ve noticed that the following bugs are targeted for the JDK11.07 release only. They are not included in JDK11.06-GA:
- 8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3 [1]
- 8225766: Curve in certificate should not affect signature scheme when using TLSv1.3 [2]

I excluded these bug fixes from the TLSv1.3 for JDK8 implementation.
The webrev is updated: http://cr.openjdk.java.net/~abakhtin/tls1.3/webrev.v3/

Also, there is a diff between JDK11.06-GA and the TLSv1.3 for JDK8 implementation (sun.security.ssl package only). It shows how the JDK11 TLSv1.3 implementation was changed to be applied to JDK8 MR3: http://cr.openjdk.java.net/~abakhtin/tls1.3_vs_jdk11/webrev.v0/

[1] - https://bugs.openjdk.java.net/browse/JDK-8236039
[2] - https://bugs.openjdk.java.net/browse/JDK-8225766

Regards
Alexey

On 27 Mar 2020, at 17:54, Alexey Bakhtin <alexey at azul.com> wrote:

Hello Andrew, Volker

This patch of the TLSv1.3 backport for JDK8u is based on the TLSv1.3 implementation for JDK11.06 and the OpenJSSE provider implementation version v1.1.2.

OpenJSSE is an open source pluggable security provider for TLSv1.3 protocol in JDK8u.
OpenJSSE provider version 1.1.0 was released in July 2019 and is based on the JDK11.04 TLSv1.3 implementation. Subsequent versions of the OpenJSSE provider were created by backporting TLS-related fixes from JDK11.05 and JDK11.06. The history of these backports is available at https://github.com/openjsse/openjsse/commits/master
The latest version of OpenJSSE, v1.1.2, contains almost all TLS-related bug fixes available in JDK11.06.
This patch was created by merging TLS-related source code from JDK11.06 to JDK8u MR3. Then I used the OpenJSSE version 1.1.2 code base to implement the backport from JDK11 to JDK8. Also, I verified that the new TLSv1.3 code for JDK8 is semantically identical to OpenJSSE version 1.1.2.
After that I removed DTLS support from the new TLSv1.3 implementation and added back TLS_KRB5 support removed by JDK-8196584.
Separate patch for TLS_KRB5 support is available at: http://cr.openjdk.java.net/~abakhtin/rfc2712/webrev.v0/

Since I did not backport the TLSv1.3 implementation patch by patch, the bug list I provided is not fully accurate. It is just a list of TLSv1.3-related bugs from the initial implementation until JDK11.06 GA. As Andrew mentioned, some of the bugs are already backported to JDK8. They are:
- 8208350: Disable all DES cipher suites
- 8211883: Disable anon and NULL cipher suites
- 8217579: TLS_EMPTY_RENEGOTIATION_INFO_SCSV is disabled after 8211883
- 8210985: Update the default SSL session cache size to 20480
- 8218863: Better endpoint checks
- 8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
- 8227758: More valid PKIX processing
- 8218873: Improve JSSE endpoint checking
- 8228825: Enhance ECDSA operations
- 8218580: endpoint identification algorithm should be case-insensitive

Some of these bugs should be re-backported in the new implementation, e.g. 8218873, 8228825, 8218580.
The rest of these bugs should be verified after the new implementation is applied.

Thank you
Alexey




More information about the jdk8u-dev mailing list