From 527176c908edc43ef7e49bd37631e9c746dc8a36 Mon Sep 17 00:00:00 2001 From: John Jiang Date: Wed, 27 Nov 2024 11:41:43 +0800 Subject: [PATCH] TKSS-926: Backport JDK-8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server --- .../kona/sun/security/ssl/SSLCipher.java | 20 ++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/SSLCipher.java b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/SSLCipher.java index 367e071b..e86376f6 100644 --- a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/SSLCipher.java +++ b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/SSLCipher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1900,10 +1900,20 @@ public Plaintext decrypt(byte contentType, ByteBuffer bb, } if (bb.remaining() <= tagSize) { - throw new BadPaddingException( - "Insufficient buffer remaining for AEAD cipher " + - "fragment (" + bb.remaining() + "). Needs to be " + - "more than tag size (" + tagSize + ")"); + // Check for unexpected plaintext alert. + if (contentType == ContentType.ALERT.id + && bb.remaining() == 2) { + throw new GeneralSecurityException(String.format( + "Unexpected plaintext alert received: " + + "Level: %s; Alert: %s", + Alert.Level.nameOf(bb.get(bb.position())), + Alert.nameOf(bb.get(bb.position() + 1)))); + } else { + throw new BadPaddingException( + "Insufficient buffer remaining for AEAD cipher " + + "fragment (" + bb.remaining() + "). Needs to be " + + "more than tag size (" + tagSize + ")"); + } } byte[] sn = sequence;