Possible bug with JDK12 and ChaCha ciphers
Norman Maurer
norman.maurer at googlemail.com
Thu May 23 18:24:19 UTC 2019
Hi there,
Did the debug log help at all or should I try to gather more informations from the user ?
Bye
Norman
> On 17. May 2019, at 21:26, Norman Maurer <norman.maurer at googlemail.com> wrote:
>
> The user did capture the log here:
>
> https://hasteb.in/ucalevob.makefile <https://hasteb.in/ucalevob.makefile>
>
> Hopefully it is helpful,
>
> Norman
>
>
>> On 17. May 2019, at 20:38, Norman Maurer <norman.maurer at googlemail.com <mailto:norman.maurer at googlemail.com>> wrote:
>>
>> Unfortunately I am very busy atm so it may take me a few days. I asked the original reported of the issue to provide some in the netty issue tracker. I will come back to you.
>>
>> Bye
>> Norman
>>
>>
>>> On 17. May 2019, at 20:27, Xuelei Fan <xuelei.fan at oracle.com <mailto:xuelei.fan at oracle.com>> wrote:
>>>
>>> Hi Norman,
>>>
>>> If you are able to reproduce this issue, would you mind post the JSSE debug log (by using Java System Property, "javax.net.debug=all")?
>>>
>>> Please feel free to submit a bug.
>>>
>>> Thanks & Regards,
>>> Xuelei
>>>
>>> On 5/17/2019 11:02 AM, Norman Maurer wrote:
>>>> Hi there,
>>>> We recently received a bug report in netty when JDK12 is used with ChaCha chiphers:
>>>> https://github.com/netty/netty/issues/9150 <https://github.com/netty/netty/issues/9150>
>>>> Basically it seems like there is a problem in how it uses the ByteBuffer internally:
>>>> |Caused by: java.lang.RuntimeException: javax.crypto.ShortBufferException: Output buffer too small at java.base/com.sun.crypto.provider.ChaCha20Cipher.engineDoFinal(ChaCha20Cipher.java:703) at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:826) at java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730) at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2503) at java.base/sun.security.ssl.SSLCipher$T12CC20P1305ReadCipherGenerator$CC20P1305ReadCipher.decrypt(SSLCipher.java:2188) at java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:240) at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197) at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108) at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681) at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454) ... 25 common frames omitted Caused by: javax.crypto.ShortBufferException: Output buffer too small at java.base/com.sun.crypto.provider.ChaCha20Cipher$EngineAEADDec.doFinal(ChaCha20Cipher.java:1360) at java.base/com.sun.crypto.provider.ChaCha20Cipher.engineDoFinal(ChaCha20Cipher.java:701)|
>>>> Unfortunately I have no standalone reproducer yet but I just wanted to bring it up here in case it helps.
>>>> It only happens on JDK12 it seems. Check the Netty issue for more details…
>>>> Bye
>>>> Norman
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20190523/1c4b1d03/attachment.htm>
More information about the security-dev
mailing list