
openjdk team mailing list archive

[Bug 1006776] Re: openjdk-6-jdk ssl negotiation incompatibility

 

Hm. Now I get a java.lang.ClassNotFoundException: sun.security.ec.SunEC
even on openjdk7. I was sure this worked before.

It seems the SunEC provider was added in jdk7, so no way to get this to work in jdk6, but it should work on openjdk7 at least.
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunEC

The reason it worked on openjdk-6 yesterday was plainly that I
commented out the pkcs11 provider and the SunEC provider is not
available, so EllipticCurve was disabled completely when negotiating the
used cipher.

So a potential workaround for people affected by this problem would be
to comment out the line

#security.provider.9=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg

But of course this has the potential problem that EC is no longer
available at all, which might affect other java applications too.

In my opinion it would be best to fix
sun.security.ssl.HelloExtensions.isSupported() so it returns true only
for secp256r1, secp384r1 and secp521r1 when the SunEC Provider is not
available.

I guess somebody else knows better than me how to implement this in a
generic way. For example I don't know why the SunEC provider is not
included in IcedTea. Is this a licensing issue for oss? For libnss3 it
seems to be a patent issue with the other curves from what I've read,
but I'm also not sure about this. Otherwise the best solution of all
would be to add the missing curves - but I guess there is a reason they
were removed.

The most non-generic but easiest working solution would probably be
through a patch to the openjdk sources for IcedTea which does a hard
check for all curves implemented in libnss3 and only returns true
for them.

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-7 in Ubuntu.
https://bugs.launchpad.net/bugs/1006776

Title:
  openjdk-6-jdk ssl negotiation incompatibility

Status in “openjdk-6” package in Ubuntu:
  Confirmed
Status in “openjdk-7” package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu 12.04 LTS

  openjdk-6-jdk:
    Installed: 6b24-1.11.1-4ubuntu3
    Candidate: 6b24-1.11.1-4ubuntu3
    Version table:
   *** 6b24-1.11.1-4ubuntu3 0
          500 http://za.archive.ubuntu.com/ubuntu/ precise-updates/main i386 Packages
          100 /var/lib/dpkg/status
       6b24-1.11.1-4ubuntu2 0
          500 http://za.archive.ubuntu.com/ubuntu/ precise/main i386 Packages

  From the OpenSSL client:

  openssl version
  OpenSSL 1.0.1 14 Mar 2012

  openssl s_client -connect localhost:3121
  CONNECTED(00000003)
  3077671112:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:724:
  ---
  no peer certificate available
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 7 bytes and written 226 bytes
  ---
  New, (NONE), Cipher is (NONE)
  Secure Renegotiation IS NOT supported
  Compression: NONE
  Expansion: NONE
  ---

  
  From the OpenJDK6 server (broken):

  Allow unsafe renegotiation: true
  Allow legacy hello messages: true
  Is initial handshake: true
  Is secure renegotiation: false
  pool-2-thread-4, setSoTimeout(20000) called
  pool-2-thread-4, READ: TLSv1 Handshake, length = 221
  *** ClientHello, TLSv1.1
  RandomCookie:  GMT: 1321675259 bytes = { 184, 44, 25, 155, 123, 0, 221, 149, 99, 164, 30, 145, 14, 82, 5, 146, 179, 15, 178, 161, 250, 169, 115, 69, 239, 126, 131, 196 }
  Session ID:  {}
  Cipher Suites: [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, Unknown 0xc0:0x22, Unknown 0xc0:0x21, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, Unknown 0x0:0x88, Unknown 0x0:0x87, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x84, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, Unknown 0xc0:0x1c, Unknown 0xc0:0x1b, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, Unknown 0xc0:0x1f, Unknown 0xc0:0x1e, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, Unknown 0x0:0x9a, Unknown 0x0:0x99, Unknown 0x0:0x45, Unknown 0x0:0x44, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, Unknown 0x0:0x96, Unknown 0x0:0x41, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_RSA_EXPORT_WITH_RC4_40_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
  Compression Methods:  { 1, 0 }
  Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2]
  Extension elliptic_curves, curve names: {sect571r1, sect571k1, secp521r1, sect409k1, sect409r1, secp384r1, sect283k1, sect283r1, secp256k1, secp256r1, sect239k1, sect233k1, sect233r1, secp224k1, secp224r1, sect193r1, sect193r2, secp192k1, secp192r1, sect163k1, sect163r1, sect163r2, secp160k1, secp160r1, secp160r2}
  Unsupported extension type_35, data: 
  Unsupported extension type_15, data: 01
  ***
  pool-2-thread-4, handling exception: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
  pool-2-thread-4, SEND TLSv1 ALERT:  fatal, description = internal_error
  pool-2-thread-4, WRITE: TLSv1 Alert, length = 2
  pool-2-thread-4, called closeSocket()
  pool-2-thread-4, IOException in getSession():  javax.net.ssl.SSLException: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
  Finalizer, called close()
  Finalizer, called closeInternal(true)
  Finalizer, called close()
  Finalizer, called closeInternal(true)
  Finalizer, called close()
  Finalizer, called closeInternal(true)

  From the sun-jdk server(works):

  Allow unsafe renegotiation: true
  Allow legacy hello messages: true
  Is initial handshake: true
  Is secure renegotiation: false
  pool-2-thread-1, setSoTimeout(20000) called
  pool-2-thread-1, READ: TLSv1 Handshake, length = 221
  *** ClientHello, TLSv1.1
  RandomCookie:  GMT: 1321675506 bytes = { 188, 132, 89, 108, 237, 169, 129, 49, 160, 33, 112, 237, 203, 27, 146, 187, 53, 152, 148, 219, 10, 93, 44, 51, 49, 209, 241, 18 }
  Session ID:  {}
  Cipher Suites: [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, Unknown 0xc0:0x22, Unknown 0xc0:0x21, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, Unknown 0x0:0x88, Unknown 0x0:0x87, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x84, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, Unknown 0xc0:0x1c, Unknown 0xc0:0x1b, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, Unknown 0xc0:0x1f, Unknown 0xc0:0x1e, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, Unknown 0x0:0x9a, Unknown 0x0:0x99, Unknown 0x0:0x45, Unknown 0x0:0x44, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, Unknown 0x0:0x96, Unknown 0x0:0x41, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_RSA_EXPORT_WITH_RC4_40_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
  Compression Methods:  { 1, 0 }
  Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2]
  Extension elliptic_curves, curve names: {sect571r1, sect571k1, secp521r1, sect409k1, sect409r1, secp384r1, sect283k1, sect283r1, secp256k1, secp256r1, sect239k1, sect233k1, sect233r1, secp224k1, secp224r1, sect193r1, sect193r2, secp192k1, secp192r1, sect163k1, sect163r1, sect163r2, secp160k1, secp160r1, secp160r2}
  Unsupported extension type_35, data: 
  Unsupported extension type_15, data: 01
  ***
  %% Created:  [Session-1, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA]
  *** ServerHello, TLSv1
  RandomCookie:  GMT: 1321675506 bytes = { 141, 15, 202, 217, 253, 174, 240, 169, 172, 62, 151, 132, 183, 87, 204, 146, 37, 174, 38, 204, 18, 234, 112, 30, 174, 165, 57, 117 }
  Session ID:  {79, 199, 43, 242, 167, 217, 237, 76, 85, 242, 195, 126, 53, 209, 252, 103, 58, 71, 185, 6, 181, 52, 206, 70, 75, 13, 117, 143, 21, 183, 5, 142}
  Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  Compression Method: 0
  Extension renegotiation_info, renegotiated_connection: <empty>
  ***
  Cipher suite:  TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  *** Certificate chain

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1006776/+subscriptions
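
A diagnostic for the mismatch discussed in this message, as an added example that is not part of the original post or of the OpenJDK sources: it asks every installed provider that offers an EC KeyPairGenerator to generate a key on each curve the client listed in its ClientHello. The class name EcCurveProbe is hypothetical; the curve names are copied from the elliptic_curves extension in the log above.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.Provider;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import java.util.ArrayList;
import java.util.List;

public class EcCurveProbe {
    // Curve names copied from the elliptic_curves extension in the ClientHello.
    static final String[] OFFERED = {
        "sect571r1", "sect571k1", "secp521r1", "sect409k1", "sect409r1",
        "secp384r1", "sect283k1", "sect283r1", "secp256k1", "secp256r1",
        "sect239k1", "sect233k1", "sect233r1", "secp224k1", "secp224r1",
        "sect193r1", "sect193r2", "secp192k1", "secp192r1", "sect163k1",
        "sect163r1", "sect163r2", "secp160k1", "secp160r1", "secp160r2"
    };

    // True only if the provider can really generate a key pair on the curve.
    // Key generation is exercised, not just initialize(), so a provider-level
    // failure like the ProviderException in the server log is also caught.
    static boolean usable(Provider p, String curve) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p);
            kpg.initialize(new ECGenParameterSpec(curve));
            kpg.generateKeyPair();
            return true;
        } catch (GeneralSecurityException e) {   // unknown algorithm or curve
            return false;
        } catch (RuntimeException e) {           // e.g. ProviderException
            return false;
        }
    }

    public static void main(String[] args) {
        for (Provider p : Security.getProviders()) {
            if (p.getService("KeyPairGenerator", "EC") == null) {
                continue;                        // provider has no EC support
            }
            List<String> ok = new ArrayList<String>();
            List<String> bad = new ArrayList<String>();
            for (String curve : OFFERED) {
                (usable(p, curve) ? ok : bad).add(curve);
            }
            System.out.println(p.getName() + " usable:   " + ok);
            System.out.println(p.getName() + " unusable: " + bad);
        }
    }
}
```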

