Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JdkSslContext produces invalid supported ciphers #7673

Closed
slandelle opened this issue Feb 1, 2018 · 6 comments · Fixed by #7677
Closed

JdkSslContext produces invalid supported ciphers #7673

slandelle opened this issue Feb 1, 2018 · 6 comments · Fixed by #7677
Assignees
@Scottmitch
Labels
defect

Comments

@slandelle
Copy link
Contributor

slandelle commented Feb 1, 2018
edited
Loading

Expected behavior

JdkSslContext should produce valid ciphers that are actually supported by the platform.
Typically, it should be possible to use them in a custom CipherSuiteFilter to configure a SSLEngine.

Actual behavior

Netty 4.1.13.Final introduced a workaround for IBM certs naming scheme.
This workaround is based on IBM's statement:

According to IBM's documentation [2] the "SSL_" prefix is "interchangeable" with the "TLS_" prefix.

This statement is wrong and transformed names cause SSLEngine#setEnabledCipherSuites to crash.

On my machine, the following ciphers get transformed with the SSL prefix being replaced with TLS and cause SSLEngine to crash:

  • SSL_DH_anon_WITH_DES_CBC_SHA
  • SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  • SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
  • SSL_DHE_RSA_WITH_DES_CBC_SHA
  • SSL_RSA_WITH_DES_CBC_SHA
  • SSL_DHE_DSS_WITH_DES_CBC_SHA
  • SSL_RSA_WITH_NULL_SHA
  • SSL_RSA_WITH_3DES_EDE_CBC_SHA
  • SSL_RSA_WITH_NULL_MD5
  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

Steps to reproduce

See reproducer below.

Minimal yet complete reproducer code (or URL to code)

SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, null, null);
SSLEngine sslEngine = sslcontext.createSSLEngine();

// works
sslEngine.setEnabledCipherSuites(new String[] {"SSL_DH_anon_WITH_DES_CBC_SHA"});

// crashes with IllegalArgumentException: Unsupported ciphersuite TLS_DH_anon_WITH_DES_CBC_SHA
sslEngine.setEnabledCipherSuites(new String[] {"TLS_DH_anon_WITH_DES_CBC_SHA"});

Netty version

Tested on 4.1.20.Final

JVM version (e.g. java -version)

Java HotSpot(TM) 64-Bit Server VM (build 25.152-b16, mixed mode)

OS version (e.g. uname -a)

Not relevant
@normanmaurer
Copy link
Member

@slandelle are you sure this was introduced in 4.1.20 ?

@slandelle
Copy link
Contributor Author

@normanmaurer This renaming was introduced in 449befa which is tagged as 4.1.20.

@slandelle
Copy link
Contributor Author

slandelle commented Feb 1, 2018
edited
Loading

My bad, I didn't get what those tags meant in the GH interface. I guess it's from 4.1.13.

@slandelle
Copy link
Contributor Author

I guess this went unnoticed as SslUtils#DEFAULT_CIPHER_SUITES only contains names prefixed with TLS.

@slandelle slandelle changed the title JdkSslContext produces invalid supported ciphers JdkSslContext produces unsupported ciphers Feb 1, 2018
@slandelle slandelle changed the title JdkSslContext produces unsupported ciphers JdkSslContext produces invalid supported ciphers Feb 1, 2018
@slandelle slandelle mentioned this issue Feb 1, 2018
Closed
@johnou
Copy link
Contributor

johnou commented Feb 1, 2018

cc @Scottmitch @rkapsi

@Scottmitch Scottmitch self-assigned this Feb 1, 2018
Scottmitch added a commit to Scottmitch/netty that referenced this issue Feb 1, 2018
@Scottmitch
JdkSslContext supported cipher suites incorrect
bd7bee6 
Motivation:
JdkSslContext builds the list of supported cipher suites, but assumes that ciphers prefixed with SSL_ and TLS_ will be interchangeable. However this is not the case and only applies to a small subset of ciphers. This results in the JdkSslContext attempting to use unsupported ciphers.

Modifications:
- When building the list of ciphers in JdkSslContext we should first check if the engine supports the TLS_ prefix cipher.

Result:
Fixes netty#7673
@Scottmitch Scottmitch mentioned this issue Feb 1, 2018
Merged
@Scottmitch
Copy link
Member

http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites

The names mentioned in the TLS RFCs prefixed with TLS_ are functionally equivalent to the JSSE cipher suites prefixed with SSL_.

Arg. I guess the names aren't quite interchangeable. See #7677

Scottmitch added a commit that referenced this issue Feb 1, 2018
@Scottmitch
JdkSslContext supported cipher suites incorrect
3f3d309 
Motivation:
JdkSslContext builds the list of supported cipher suites, but assumes that ciphers prefixed with SSL_ and TLS_ will be interchangeable. However this is not the case and only applies to a small subset of ciphers. This results in the JdkSslContext attempting to use unsupported ciphers.

Modifications:
- When building the list of ciphers in JdkSslContext we should first check if the engine supports the TLS_ prefix cipher.

Result:
Fixes #7673
Scottmitch added a commit that referenced this issue Feb 1, 2018
@Scottmitch
JdkSslContext supported cipher suites incorrect
8eb80a3 
Motivation:
JdkSslContext builds the list of supported cipher suites, but assumes that ciphers prefixed with SSL_ and TLS_ will be interchangeable. However this is not the case and only applies to a small subset of ciphers. This results in the JdkSslContext attempting to use unsupported ciphers.

Modifications:
- When building the list of ciphers in JdkSslContext we should first check if the engine supports the TLS_ prefix cipher.

Result:
Fixes #7673
kiril-me pushed a commit to kiril-me/netty that referenced this issue Feb 28, 2018
@Scottmitch @kiril-me
JdkSslContext supported cipher suites incorrect
350e705 
Motivation:
JdkSslContext builds the list of supported cipher suites, but assumes that ciphers prefixed with SSL_ and TLS_ will be interchangeable. However this is not the case and only applies to a small subset of ciphers. This results in the JdkSslContext attempting to use unsupported ciphers.

Modifications:
- When building the list of ciphers in JdkSslContext we should first check if the engine supports the TLS_ prefix cipher.

Result:
Fixes netty#7673
pulllock pushed a commit to pulllock/netty that referenced this issue Oct 19, 2023
@Scottmitch
JdkSslContext supported cipher suites incorrect
85e14e9 
Motivation:
JdkSslContext builds the list of supported cipher suites, but assumes that ciphers prefixed with SSL_ and TLS_ will be interchangeable. However this is not the case and only applies to a small subset of ciphers. This results in the JdkSslContext attempting to use unsupported ciphers.

Modifications:
- When building the list of ciphers in JdkSslContext we should first check if the engine supports the TLS_ prefix cipher.

Result:
Fixes netty#7673
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Scottmitch Scottmitch

Labels
defect
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

JdkSslContext supported cipher suites incorrect Scottmitch/netty
4 participants
@johnou @normanmaurer @slandelle @Scottmitch