Bug 1348525
Summary: | OpenJDK should report the elliptic curves supported by NSS, not the SunEC library | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Marcel Kolaja <mkolaja> |
Component: | java-1.8.0-openjdk | Assignee: | Andrew John Hughes <ahughes> |
Status: | CLOSED ERRATA | QA Contact: | Lukáš Zachar <lzachar> |
Severity: | urgent | Docs Contact: | |
Priority: | high | ||
Version: | 6.5 | CC: | ahughes, cskoehle, dbhole, hkario, jesusr, jkurik, jmontleo, jvanek, mdshaikh, mnavrati, Neustradamus, ptisnovs, rbost, rhbugzilla.5.nebuchadnezar, salmy, shineepk, tg, tmraz |
Target Milestone: | rc | Keywords: | Reopened, ZStream |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | java-1.8.0-openjdk-1.8.0.91-3.b14.el6_8 | Doc Type: | Bug Fix |
Doc Text: |
Prior to this update, a list of elliptic curves provided by an OpenJDK Secure Sockets Layer (SSL) server to a client included some elliptic curves that were not supported. As a consequence, the connection failed when the client selected an unsupported elliptic curve from the list. This update fixes the list of elliptic curves reported by OpenJDK to match the ones OpenJDK can provide. As a result, the connection no longer fails in the described situation.
|
Story Points: | --- |
Clone Of: | 1022017 | Environment: | |
Last Closed: | 2016-07-12 18:36:43 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1022017 | ||
Bug Blocks: |
Description
Marcel Kolaja
2016-06-21 11:43:12 UTC
To replicate: 1. Set up a Java TLSv1.2 server and run using -Djavax.net.debug=ssl,handshake 2. Connect using openssl s_client -curves prime192v1 -connect <host>:<port> The OpenSSL installation needs to support additional curves (I couldn't replicate the issue with the RHEL 6.8 one as it only supports the same three curves that our OpenJDK build does). The above -curves command to OpenSSL restricts it to passing just: Extension elliptic_curves, curve names: {1.2.840.10045.3.1.1} to the server rather than a full list of all curves. The issue is that OpenJDK's SunEC provider with NSS doesn't support prime192v1, yet the unpatched Java code believes it does. On unpatched, the connection fails when it thinks it can use its first preference cipher, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, but the actual key generation throws an exception: %% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL] matching alias: rsakey main, handling exception: java.lang.RuntimeException: Could not generate DH keypair %% Invalidated: [Session-1, SSL_NULL_WITH_NULL_NULL] main, SEND TLSv1.2 ALERT: fatal, description = internal_error On patched, it realises they share no supported curves, and so downgrades to a non-ECC connection which works: %% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL] matching alias: rsakey matching alias: usaduke matching alias: dsakey %% Negotiating: [Session-1, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384] I've created a quick reproducer that requires just python and few pure-python libraries that tests that: https://github.com/tomato42/tlsfuzzer/blob/ecdhe-curves/scripts/test-unsupported-cuve-fallback.py Usage: https://github.com/tomato42/tlsfuzzer/tree/ecdhe-curves#usage Please contact me if you plan to use it in RHEL QA. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1409 |