Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8219709

Unencrypted Finished message should alert unexpected_message immediately

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P4
    • Resolution: Not an Issue
    • Affects Version/s: 13
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description

      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.592 CST|SSLSocketInputRecord.java:458|Raw read (
        0000: 16 03 03 00 24 ....$
      )
      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.592 CST|SSLSocketInputRecord.java:213|READ: TLSv1.2 handshake, length = 36
      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.593 CST|SSLSocketInputRecord.java:458|Raw read (
        0000: 14 00 00 20 82 F0 7B 4B CA A1 39 30 DD EA 44 93 ... ...K..90..D.
        0010: A4 D7 70 ED FA 1A 90 E2 6E D1 0A FF 4C 29 68 14 ..p.....n...L)h.
        0020: 24 AE DB E2 $...
      )
      javax.net.ssl|DEBUG|01|main|2019-02-26 14:30:36.593 CST|SSLSocketInputRecord.java:249|READ: TLSv1.2 handshake, length = 36

      In the above case, a plain Finished was received. The content type is Handshake (16), and the associated handshake type is Finished (14).
      In TLS 1.3, this message should be encrypted and wrapped into application data. So, this case should raise unexpected_message immediately, but not try to verify this Finished.

        Attachments

          Activity

            People

            • Assignee:
              xuelei Xue-Lei Fan
              Reporter:
              jjiang John Jiang
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: