Skip to content

Update ciphers for TLSv1.3 and JDK11 if available #42082

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 20, 2019
Merged

Update ciphers for TLSv1.3 and JDK11 if available #42082

merged 1 commit into from
May 20, 2019

Conversation

jaymode
Copy link
Member

@jaymode jaymode commented May 10, 2019

This commit updates the default ciphers and TLS protocols that are used
when the runtime JDK supports them. New cipher support has been
introduced in JDK 11 and 12 along with performance fixes for AES GCM.
The ciphers are ordered with PFS ciphers being most preferred, then
AEAD ciphers, and finally those with mainstream hardware support. When
available stronger encryption is preferred for a given cipher.

This is a backport of #41385 and #41808. There are known JDK bugs with
TLSv1.3 that have been fixed in various versions. These are:

  1. The JDK's bundled HttpsServer will endless loop under JDK11 and JDK
    12.0 (Fixed in 12.0.1) based on the way the Apache HttpClient performs
    a close (half close).
  2. In all versions of JDK 11 and 12, the HttpsServer will endless loop
    when certificates are not trusted or another handshake error occurs. An
    email has been sent to the openjdk security-dev list and MockWebServer incompatible with HttpClient closing on TLSv1.3 #38646 is open
    to track this.
  3. In JDK 11.0.2 and prior there is a race condition with session
    resumption that leads to handshake errors when multiple concurrent
    handshakes are going on between the same client and server. This bug
    does not appear when client authentication is in use. This is
    JDK-8213202, which was fixed in 11.0.3 and 12.0.
  4. In JDK 11.0.2 and prior there is a bug where resumed TLS sessions do
    not retain peer certificate information. This is JDK-8212885.

The way these issues are addressed is that the current java version is
checked and used to determine the supported protocols for tests that
provoke these issues.

@jaymode
Update ciphers for TLSv1.3 and JDK11 if available
94ce2b5 
This commit updates the default ciphers and TLS protocols that are used
when the runtime JDK supports them. New cipher support has been
introduced in JDK 11 and 12 along with performance fixes for AES GCM.
The ciphers are ordered with PFS ciphers being most preferred, then
AEAD ciphers, and finally those with mainstream hardware support. When
available stronger encryption is preferred for a given cipher.

This is a backport of elastic#41385 and elastic#41808. There are known JDK bugs with
TLSv1.3 that have been fixed in various versions. These are:

1. The JDK's bundled HttpsServer will endless loop under JDK11 and JDK
12.0 (Fixed in 12.0.1) based on the way the Apache HttpClient performs
a close (half close).
2. In all versions of JDK 11 and 12, the HttpsServer will endless loop
when certificates are not trusted or another handshake error occurs. An
email has been sent to the openjdk security-dev list and elastic#38646 is open
to track this.
3. In JDK 11.0.2 and prior there is a race condition with session
resumption that leads to handshake errors when multiple concurrent
handshakes are going on between the same client and server. This bug
does not appear when client authentication is in use. This is
JDK-8213202, which was fixed in 11.0.3 and 12.0.
4. In JDK 11.0.2 and prior there is a bug where resumed TLS sessions do
not retain peer certificate information. This is JDK-8212885.

The way these issues are addressed is that the current java version is
checked and used to determine the supported protocols for tests that
provoke these issues.
@jaymode jaymode requested review from tvernum and jkakavas May 10, 2019 14:53
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

tvernum
tvernum approved these changes May 20, 2019
View reviewed changes
Copy link
Contributor

@tvernum tvernum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 LGTM

@jaymode jaymode merged commit dbbdcea into elastic:7.x May 20, 2019
@jaymode jaymode deleted the tlsv13_ciphers branch May 20, 2019 13:45
@jaymode jaymode mentioned this pull request Feb 12, 2020
Closed
This was referenced Mar 6, 2020
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvernum tvernum tvernum approved these changes

@jkakavas jkakavas Awaiting requested review from jkakavas

Assignees
No one assigned
Labels
>enhancement :Security/TLS SSL/TLS, Certificates v7.2.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jaymode @elasticmachine @tvernum