javax.net.debug output lost client hello extensions in JDK 11.0.2

Xuelei Fan xuelei.fan at oracle.com
Thu Feb 14 03:25:59 UTC 2019 

This bug will be addressed in JDK 11.0.3 and 12.  See also:
    https://bugs.openjdk.java.net/browse/JDK-8210974

Thanks,
Xuelei

On 2/13/2019 3:58 PM, Amir Khassaia wrote:
> 
> Hi, I'd like to report a bug that may confuse others as they diagnose 
> TLS handshakes.
> 
> The extension logging seems to be affected in JDK 11.0.2, these come up 
> as empty in client hello (see below) from Oracle JDK 11.0.2
> ==========================
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:48.620 
> AEDT|SSLCipher.java:437|jdk.tls.keyLimits:  entry = AES/GCM/NoPadding 
> KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
> javax.net.ssl|WARNING|01|main|2019-02-14 10:51:50.357 
> AEDT|ServerNameExtension.java:255|Unable to indicate server name
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.357 
> AEDT|SSLExtensions.java:256|Ignore, context unavailable extension: 
> server_name
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.358 
> AEDT|SSLExtensions.java:256|Ignore, context unavailable extension: 
> status_request
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.361 
> AEDT|SupportedGroupsExtension.java:841|Ignore inactive or disabled named 
> group: secp160k1
> javax.net.ssl|WARNING|01|main|2019-02-14 10:51:50.486 
> AEDT|SignatureScheme.java:282|Signature algorithm, ed25519, is not 
> supported by the underlying providers
> javax.net.ssl|WARNING|01|main|2019-02-14 10:51:50.486 
> AEDT|SignatureScheme.java:282|Signature algorithm, ed448, is not 
> supported by the underlying providers
> javax.net.ssl|INFO|01|main|2019-02-14 10:51:50.513 
> AEDT|AlpnExtension.java:161|No available application protocols
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.514 
> AEDT|SSLExtensions.java:256|Ignore, context unavailable extension: 
> application_layer_protocol_negotiation
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.514 
> AEDT|SSLExtensions.java:256|Ignore, context unavailable extension: 
> status_request_v2
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.516 
> AEDT|ClientHello.java:651|Produced ClientHello handshake message (
> "ClientHello": {
>    "client version"      : "TLSv1.2",
>    "random"              : "3E 3B 04 98 F4 65 C7 CF 2B B2 30 EA AE CE 7D 
> C5 51 45 C4 A9 CB D6 F2 39 3F 52 46 77 BE 28 EC 06",
>    "session id"          : "",
>    "cipher suites"       : 
> "[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), 
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), 
> TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), 
> TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), 
> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), 
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), 
> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), 
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), 
> TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), 
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), 
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), 
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), 
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), 
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), 
> TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), 
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), 
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), 
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), 
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032)]",
>    "compression methods" : "00",
>    "extensions"          : [
>    ]
> }
> )
> 
> Notice empty extensions, these are actually there on the wire (checked 
> with wireshark).
> 
> This previously appeared to work, just checked with OpenJDK 11.0.1 and I 
> get them:
> 
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:54.261 
> AEDT|SSLCipher.java:437|jdk.tls.keyLimits:  entry = AES/GCM/NoPadding 
> KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
> javax.net.ssl|WARNING|01|main|2019-02-14 10:54:56.491 
> AEDT|ServerNameExtension.java:255|Unable to indicate server name
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.492 
> AEDT|SSLExtensions.java:235|Ignore, context unavailable extension: 
> server_name
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.492 
> AEDT|SSLExtensions.java:235|Ignore, context unavailable extension: 
> status_request
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.494 
> AEDT|SupportedGroupsExtension.java:841|Ignore inactive or disabled named 
> group: secp160k1
> javax.net.ssl|WARNING|01|main|2019-02-14 10:54:56.546 
> AEDT|SignatureScheme.java:282|Signature algorithm, ed25519, is not 
> supported by the underlying providers
> javax.net.ssl|WARNING|01|main|2019-02-14 10:54:56.546 
> AEDT|SignatureScheme.java:282|Signature algorithm, ed448, is not 
> supported by the underlying providers
> javax.net.ssl|INFO|01|main|2019-02-14 10:54:56.575 
> AEDT|AlpnExtension.java:161|No available application protocols
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.576 
> AEDT|SSLExtensions.java:235|Ignore, context unavailable extension: 
> application_layer_protocol_negotiation
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.576 
> AEDT|SSLExtensions.java:235|Ignore, context unavailable extension: 
> status_request_v2
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.577 
> AEDT|SSLExtensions.java:235|Ignore, context unavailable extension: 
> renegotiation_info
> javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.582 
> AEDT|ClientHello.java:651|Produced ClientHello handshake message (
> "ClientHello": {
>    "client version"      : "TLSv1.2",
>    "random"              : "4E 23 00 5E 22 D3 0D 78 D0 97 B5 E1 16 FB E3 
> 92 B5 90 B0 8E 30 89 BC 72 BA F1 B7 94 71 E7 E8 80",
>    "session id"          : "",
>    "cipher suites"       : 
> "[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), 
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), 
> TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), 
> TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), 
> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), 
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), 
> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), 
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), 
> TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), 
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), 
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), 
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), 
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), 
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), 
> TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), 
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), 
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), 
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), 
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), 
> TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
>    "compression methods" : "00",
>    "extensions"          : [
>      "supported_groups (10)": {
>        "versions": [secp256r1, secp384r1, secp521r1]
>      },
>      "ec_point_formats (11)": {
>        "formats": [uncompressed]
>      },
>      "signature_algorithms (13)": {
>        "signature schemes": [ecdsa_secp256r1_sha256, 
> ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pkcs1_sha256, 
> rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, 
> rsa_pkcs1_sha1, dsa_sha1]
>      },
>      "signature_algorithms_cert (50)": {
>        "signature schemes": [ecdsa_secp256r1_sha256, 
> ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pkcs1_sha256, 
> rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, 
> rsa_pkcs1_sha1, dsa_sha1]
>      },
>      "extended_master_secret (23)": {
>        <empty>
>      },
>      "supported_versions (43)": {
>        "versions": [TLSv1.2, TLSv1.1, TLSv1]
>      }
>    ]
> }
> )
> 
> Regards,
> Amir
> 
> 
>

More information about the security-dev mailing list