javax.net.debug output lost client hello extensions in JDK 11.0.2
Amir Khassaia
amir.khassaia at gmail.com
Thu Feb 14 04:29:56 UTC 2019
Thanks Xuelei, I clearly missed the report somehow
On Thu, Feb 14, 2019 at 2:26 PM Xuelei Fan <xuelei.fan at oracle.com> wrote:
> This bug will be addressed in JDK 11.0.3 and 12. See also:
> https://bugs.openjdk.java.net/browse/JDK-8210974
>
> Thanks,
> Xuelei
>
> On 2/13/2019 3:58 PM, Amir Khassaia wrote:
> >
> > Hi, I'd like to report a bug that may confuse others as they diagnose
> > TLS handshakes.
> >
> > The extension logging seems to be affected in JDK 11.0.2, these come up
> > as empty in client hello (see below) from Oracle JDK 11.0.2
> > ==========================
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:48.620
> > AEDT|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding
> > KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
> > javax.net.ssl|WARNING|01|main|2019-02-14 10:51:50.357
> > AEDT|ServerNameExtension.java:255|Unable to indicate server name
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.357
> > AEDT|SSLExtensions.java:256|Ignore, context unavailable extension:
> > server_name
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.358
> > AEDT|SSLExtensions.java:256|Ignore, context unavailable extension:
> > status_request
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.361
> > AEDT|SupportedGroupsExtension.java:841|Ignore inactive or disabled named
> > group: secp160k1
> > javax.net.ssl|WARNING|01|main|2019-02-14 10:51:50.486
> > AEDT|SignatureScheme.java:282|Signature algorithm, ed25519, is not
> > supported by the underlying providers
> > javax.net.ssl|WARNING|01|main|2019-02-14 10:51:50.486
> > AEDT|SignatureScheme.java:282|Signature algorithm, ed448, is not
> > supported by the underlying providers
> > javax.net.ssl|INFO|01|main|2019-02-14 10:51:50.513
> > AEDT|AlpnExtension.java:161|No available application protocols
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.514
> > AEDT|SSLExtensions.java:256|Ignore, context unavailable extension:
> > application_layer_protocol_negotiation
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.514
> > AEDT|SSLExtensions.java:256|Ignore, context unavailable extension:
> > status_request_v2
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:51:50.516
> > AEDT|ClientHello.java:651|Produced ClientHello handshake message (
> > "ClientHello": {
> > "client version" : "TLSv1.2",
> > "random" : "3E 3B 04 98 F4 65 C7 CF 2B B2 30 EA AE CE 7D
> > C5 51 45 C4 A9 CB D6 F2 39 3F 52 46 77 BE 28 EC 06",
> > "session id" : "",
> > "cipher suites" :
> > "[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B),
> > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F),
> > TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C),
> > TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D),
> > TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031),
> > TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E),
> > TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2),
> > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023),
> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027),
> > TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C),
> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025),
> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029),
> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067),
> > TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040),
> > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009),
> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013),
> > TLS_RSA_WITH_AES_128_CBC_SHA(0x002F),
> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004),
> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E),
> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033),
> > TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032)]",
> > "compression methods" : "00",
> > "extensions" : [
> > ]
> > }
> > )
> >
> > Notice empty extensions, these are actually there on the wire (checked
> > with wireshark).
> >
> > This previously appeared to work, just checked with OpenJDK 11.0.1 and I
> > get them:
> >
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:54.261
> > AEDT|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding
> > KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
> > javax.net.ssl|WARNING|01|main|2019-02-14 10:54:56.491
> > AEDT|ServerNameExtension.java:255|Unable to indicate server name
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.492
> > AEDT|SSLExtensions.java:235|Ignore, context unavailable extension:
> > server_name
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.492
> > AEDT|SSLExtensions.java:235|Ignore, context unavailable extension:
> > status_request
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.494
> > AEDT|SupportedGroupsExtension.java:841|Ignore inactive or disabled named
> > group: secp160k1
> > javax.net.ssl|WARNING|01|main|2019-02-14 10:54:56.546
> > AEDT|SignatureScheme.java:282|Signature algorithm, ed25519, is not
> > supported by the underlying providers
> > javax.net.ssl|WARNING|01|main|2019-02-14 10:54:56.546
> > AEDT|SignatureScheme.java:282|Signature algorithm, ed448, is not
> > supported by the underlying providers
> > javax.net.ssl|INFO|01|main|2019-02-14 10:54:56.575
> > AEDT|AlpnExtension.java:161|No available application protocols
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.576
> > AEDT|SSLExtensions.java:235|Ignore, context unavailable extension:
> > application_layer_protocol_negotiation
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.576
> > AEDT|SSLExtensions.java:235|Ignore, context unavailable extension:
> > status_request_v2
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.577
> > AEDT|SSLExtensions.java:235|Ignore, context unavailable extension:
> > renegotiation_info
> > javax.net.ssl|DEBUG|01|main|2019-02-14 10:54:56.582
> > AEDT|ClientHello.java:651|Produced ClientHello handshake message (
> > "ClientHello": {
> > "client version" : "TLSv1.2",
> > "random" : "4E 23 00 5E 22 D3 0D 78 D0 97 B5 E1 16 FB E3
> > 92 B5 90 B0 8E 30 89 BC 72 BA F1 B7 94 71 E7 E8 80",
> > "session id" : "",
> > "cipher suites" :
> > "[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B),
> > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F),
> > TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C),
> > TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D),
> > TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031),
> > TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E),
> > TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2),
> > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023),
> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027),
> > TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C),
> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025),
> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029),
> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067),
> > TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040),
> > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009),
> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013),
> > TLS_RSA_WITH_AES_128_CBC_SHA(0x002F),
> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004),
> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E),
> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033),
> > TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032),
> > TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
> > "compression methods" : "00",
> > "extensions" : [
> > "supported_groups (10)": {
> > "versions": [secp256r1, secp384r1, secp521r1]
> > },
> > "ec_point_formats (11)": {
> > "formats": [uncompressed]
> > },
> > "signature_algorithms (13)": {
> > "signature schemes": [ecdsa_secp256r1_sha256,
> > ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pkcs1_sha256,
> > rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1,
> > rsa_pkcs1_sha1, dsa_sha1]
> > },
> > "signature_algorithms_cert (50)": {
> > "signature schemes": [ecdsa_secp256r1_sha256,
> > ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pkcs1_sha256,
> > rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1,
> > rsa_pkcs1_sha1, dsa_sha1]
> > },
> > "extended_master_secret (23)": {
> > <empty>
> > },
> > "supported_versions (43)": {
> > "versions": [TLSv1.2, TLSv1.1, TLSv1]
> > }
> > ]
> > }
> > )
> >
> > Regards,
> > Amir
> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20190214/d5390e32/attachment.htm>
More information about the security-dev
mailing list