RFR: 8368514: TLS stateless session ticket decryption fails on some providers
Daniel Jeliński
djelinski at openjdk.org
Wed Sep 24 16:06:35 UTC 2025
On Wed, 24 Sep 2025 15:34:55 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Please review this trivial patch that fixes stateless session resumption with JCE providers that require extra space for AES/GCM decryption.
>>
>> I modified the existing FipsModeTLS12 test to additionally verify that session resumption works. The TLS 1.3 test resumes the session using a stateless ticket; the TLS 1.2 test uses stateful sessions, because stateless ticket creation fails for other reasons.
>>
>> Tier1-3 tests continue to pass.
>
> test/jdk/sun/security/pkcs11/tls/tls12/FipsModeTLS12.java line 282:
>
>> 280: SSLEngine clientSSLEngine = engineToTest[0];
>> 281: SSLEngine serverSSLEngine = engineToTest[1];
>> 282: // Check that session resumption works
>
> I would put more details in this comment about what exactly we are testing here: stateless session ticket decryption using the most preferred currently installed provider - NSS.
Well, thing is, we only check that the session resumption works. The TLS 1.2 case is testing the stateful resumption, the TLS 1.3 case is testing the stateless resumption, end to end. Stateless session ticket decryption just happens to be the only detail that needed to be fixed for the session resumption to work.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27463#discussion_r2376303887