Code Review Needed: 7031830: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
Brad Wetmore
bradford.wetmore at oracle.com
Tue Oct 18 03:00:19 UTC 2011
Thanks Max/Andrew!
On 10/17/2011 6:57 PM, Weijun Wang wrote:
> src looks fine.
>
> Not sure of test. So whenever you use socket on one side and engine on
> another, this bug will jump out?
If you use a SSLsocket on side, and an SSLEngine on the other, and the
engine is using target ByteBuffers that are backed by a Java ByteArray
(i.e. ByteBuffer.hasArray() == true), this bug will jump out. At least
in the Oracle JDK in my basic testing, this includes "regular" byte
buffers (ByteBuffer.allocate(), but not ByteBuffer.allocateDirect())
Note this also only occurs on TLS 1.1/1.2, as the new IV field isn't
being properly handled.
Brad
> -Max
>
> On 10/15/2011 08:59 AM, Brad Wetmore wrote:
>> I'll need a second codereviewer for the 7u2 change. Valerie/Sean/Max?
>>
>> Brad
>>
>>
>>
>> On 10/14/2011 5:52 PM, Brad Wetmore wrote:
>>> Hi Xuelei,
>>>
>>> I need code reviews for the bug I mentioned to you earlier.
>>>
>>> 7031830: bad_record_mac failure on TLSv1.2 enabled connection with
>>> SSLEngine
>>>
>>> The MAC calculation was summing the wrong data range when using
>>> non-direct byte buffers and TLS1.1/1.2.
>>>
>>> The new regression test will now interop-test SSLEngine with SSLSockets
>>> using both direct and non-direct ByteBuffers, over SSLv3, TLSv1,
>>> TLSv1.1, and TLSv1.2.
>>>
>>> http://cr.openjdk.java.net/~wetmore/7031830/
>>>
>>> I plan to push this to both JDK 8 and 7u2, so there are 2 webrevs there.
>>> They should be the same.
>>>
>>> Brad
More information about the security-dev
mailing list