
# HG changeset patch
# User mbalao
# Date 1559080898 10800
#      Tue May 28 19:01:38 2019 -0300
# Node ID 3ba9c532128b1feccf59ab8ce812b1fce2b6f681
# Parent  056a435ab5447c33aab61dd9179a67781e99c35d
8223482: Unsupported ciphersuites may be offered by a TLS client
Reviewed-by: andrew
diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/CipherSuite.java openjdk/jdk/src/share/classes/sun/security/ssl/CipherSuite.java
5781ba
--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/CipherSuite.java
5781ba
+++ openjdk/jdk/src/share/classes/sun/security/ssl/CipherSuite.java
5781ba
@@ -34,6 +34,7 @@
5781ba
 import java.security.KeyManagementException;
5781ba
 
5781ba
 import javax.crypto.Cipher;
5781ba
+import javax.crypto.NoSuchPaddingException;
5781ba
 import javax.crypto.SecretKey;
5781ba
 import javax.crypto.spec.IvParameterSpec;
5781ba
 import javax.crypto.spec.SecretKeySpec;
5781ba
@@ -69,6 +70,8 @@
5781ba
  */
5781ba
 final class CipherSuite implements Comparable<CipherSuite> {
5781ba
 
5781ba
+    private static final Debug debug = Debug.getInstance("ssl");
5781ba
+
5781ba
     // minimum priority for supported CipherSuites
5781ba
     final static int SUPPORTED_SUITES_PRIORITY = 1;
5781ba
 
5781ba
@@ -451,6 +454,22 @@
5781ba
             }
5781ba
         }
5781ba
 
5781ba
+        private static boolean isTransformationAvailable(String transformation) {
5781ba
+            if (transformation.equals("NULL")) {
5781ba
+                return true;
5781ba
+            }
5781ba
+            try {
5781ba
+                Cipher.getInstance(transformation);
5781ba
+                return true;
5781ba
+            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
5781ba
+                if (debug != null && Debug.isOn("ssl")) {
5781ba
+                    System.out.println("Transformation " + transformation + " is" +
5781ba
+                            " not available.");
5781ba
+                }
5781ba
+            }
5781ba
+            return false;
5781ba
+        }
5781ba
+
5781ba
         BulkCipher(String transformation, CipherType cipherType, int keySize,
5781ba
                 int expandedKeySize, int ivSize,
5781ba
                 int fixedIvSize, boolean allowed) {
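Review bot: The new isTransformationAvailable helper carries no doc comment, while the neighbouring members of BulkCipher use `/** ... */` (see the `/**` context line closing the second constructor hunk), and the "NULL" special case deserves a word; suggest `/** Returns true if an installed JCE provider can instantiate the transformation; "NULL" (no encryption) needs no provider. */` above the method. The guard `debug != null && Debug.isOn("ssl")` looks redundant if Debug.getInstance("ssl") already yields null when the ssl option is off, as it appears to elsewhere in this package; `debug != null` alone, or a narrower sub-option, would match the file's other debug sites — worth confirming. Note also that Cipher.getInstance only proves a provider registers the transformation, not that init will succeed for the suite's key size, so the existing isUnlimited check in the constructors remains necessary alongside this one.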
5781ba
@@ -470,14 +489,10 @@
5781ba
 
5781ba
             // availability of this bulk cipher
5781ba
             //
5781ba
-            // Currently all supported ciphers except AES are always available
5781ba
-            // via the JSSE internal implementations. We also assume AES/128 of
5781ba
-            // CBC mode is always available since it is shipped with the SunJCE
5781ba
-            // provider.  However, AES/256 is unavailable when the default JCE
5781ba
-            // policy jurisdiction files are installed because of key length
5781ba
-            // restrictions.
5781ba
-            this.isAvailable =
5781ba
-                    allowed ? isUnlimited(keySize, transformation) : false;
5781ba
+            // AES/256 is unavailable when the default JCE policy jurisdiction files
5781ba
+            // are installed because of key length restrictions.
5781ba
+            this.isAvailable = allowed && isUnlimited(keySize, transformation) &&
5781ba
+                    isTransformationAvailable(transformation);
5781ba
         }
5781ba
 
5781ba
         BulkCipher(String transformation, CipherType cipherType, int keySize,
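Review bot: The two constructors now compute isAvailable in different shapes: this hunk uses the flat chain `this.isAvailable = allowed && isUnlimited(keySize, transformation) &&` / `isTransformationAvailable(transformation);`, while the next hunk (the second BulkCipher constructor) keeps the ternary `allowed ? isUnlimited(...) && isTransformationAvailable(...) : false`, which evaluates to the same boolean. Suggest the second constructor adopt the same `&&` chain so the two assignments stay obviously identical and a future edit to one is less likely to miss the other. The constructor whose body opens this hunk has its signature in the preceding hunk; the second constructor's signature appears here as trailing context.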
5781ba
@@ -497,14 +512,11 @@
5781ba
 
5781ba
             // availability of this bulk cipher
5781ba
             //
5781ba
-            // Currently all supported ciphers except AES are always available
5781ba
-            // via the JSSE internal implementations. We also assume AES/128 of
5781ba
-            // CBC mode is always available since it is shipped with the SunJCE
5781ba
-            // provider.  However, AES/256 is unavailable when the default JCE
5781ba
-            // policy jurisdiction files are installed because of key length
5781ba
-            // restrictions.
5781ba
+            // AES/256 is unavailable when the default JCE policy jurisdiction files
5781ba
+            // are installed because of key length restrictions.
5781ba
             this.isAvailable =
5781ba
-                    allowed ? isUnlimited(keySize, transformation) : false;
5781ba
+                    allowed ? isUnlimited(keySize, transformation) &&
5781ba
+                            isTransformationAvailable(transformation) : false;
5781ba
         }
5781ba
 
5781ba
         /**
5781ba
diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java
5781ba
--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java
5781ba
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java
5781ba
@@ -339,7 +339,8 @@
5781ba
 
5781ba
                 if (suite.isAvailable() &&
5781ba
                         suite.obsoleted > protocols.min.v &&
5781ba
-                        suite.supported <= protocols.max.v) {
5781ba
+                        suite.supported <= protocols.max.v &&
5781ba
+                        suite.cipher.isAvailable()) {
5781ba
                     if (SSLAlgorithmConstraints.DEFAULT.permits(
5781ba
                             EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
5781ba
                             suite.name, null)) {
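Review bot: The added `suite.cipher.isAvailable()` clause appears redundant with `suite.isAvailable()` two lines above if CipherSuite.isAvailable() already folds in the bulk cipher's availability, as its name suggests; that method is not in this diff, so this is inferred and should be confirmed. If both checks are kept deliberately, a one-line comment on the new clause, e.g. `// bulk cipher must be instantiable by an installed JCE provider`, would stop a later reader from removing it as duplicate. The enclosing method continues outside the hunk.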
5781ba
diff --git openjdk.orig/jdk/test/sun/security/pkcs11/fips/TestTLS12.java openjdk/jdk/test/sun/security/pkcs11/fips/TestTLS12.java
5781ba
--- openjdk.orig/jdk/test/sun/security/pkcs11/fips/TestTLS12.java
5781ba
+++ openjdk/jdk/test/sun/security/pkcs11/fips/TestTLS12.java
5781ba
@@ -372,15 +372,20 @@
5781ba
 
5781ba
         private static SSLEngine[][] getSSLEnginesToTest() throws Exception {
5781ba
             SSLEngine[][] enginesToTest = new SSLEngine[2][2];
5781ba
+            // TLS_RSA_WITH_AES_128_GCM_SHA256 ciphersuite is available but
5781ba
+            // must not be chosen for the TLS connection if not supported.
5781ba
+            // See JDK-8222937.
5781ba
             String[][] preferredSuites = new String[][]{ new String[] {
5781ba
+                    "TLS_RSA_WITH_AES_128_GCM_SHA256",
5781ba
                     "TLS_RSA_WITH_AES_128_CBC_SHA256"
5781ba
             },  new String[] {
5781ba
+                    "TLS_RSA_WITH_AES_128_GCM_SHA256",
5781ba
                     "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
5781ba
             }};
5781ba
             for (int i = 0; i < enginesToTest.length; i++) {
5781ba
                 enginesToTest[i][0] = createSSLEngine(true);
5781ba
                 enginesToTest[i][1] = createSSLEngine(false);
5781ba
-                enginesToTest[i][0].setEnabledCipherSuites(preferredSuites[i]);
5781ba
+                // All CipherSuites enabled for the client.
5781ba
                 enginesToTest[i][1].setEnabledCipherSuites(preferredSuites[i]);
5781ba
             }
5781ba
             return enginesToTest;
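Review bot: The comment `// All CipherSuites enabled for the client.` standing in for the removed setEnabledCipherSuites call overstates what happens: dropping the call leaves the client engine with whatever createSSLEngine(true), outside this hunk, enables by default, not every suite. Suggest `// Client keeps its default enabled suites; only the server is restricted to preferredSuites[i].` so the test's intent — the server's preference order, with the GCM suite listed first, drives selection — is explicit. The preceding comment cites JDK-8222937 while this patch is 8223482; if both issues are relevant, naming both there would help the reader.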