Florian:

By backtrace I'm guessing you mean Java debug output; below is what I get in 
the Tomcat catalina.out with 
"JAVA_TOOL_OPTIONS=-Djavax.net.debug=ssl,handshake" set in the script that 
starts Tomcat.

Problem happens with the stock OpenJDK 1.7.0-45 java.security file enabling the 
pkcs11 provider, contrary to what the comment in front of it says:

security.provider.9=sun.security.smartcardio.SunPCSC
# the NSS security provider was not enabled for this build; it can be enabled
# if NSS (libnss3) is available on the machine. The nss.cfg file may need
# editing to reflect the location of the NSS installation.
security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg

If that last line is commented out the problem goes away.

If you want the debug output as an attachment off-list, just let me know and 
I'll email you directly.

Thanks,

-Andrew

Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
http-bio-443-Acceptor-0, setSoTimeout(60000) called
http-bio-443-exec-8, READ: TLSv1 Handshake, length = 316
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1370478096 bytes = { 175, 39, 211, 36, 190, 164, 144, 23, 
212, 235, 165, 144, 142, 195, 174, 71, 115, 109, 95, 202, 120, 218, 142, 127, 
16, 183, 0, 13 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, 
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, 
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, 
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, 
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, 
TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, 
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, 
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 
TLS_DHE_RSA_WITH_SEED_CBC_SHA, TLS_DHE_DSS_WITH_SEED_CBC_SHA, 
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, 
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 
TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, 
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_SEED_CBC_SHA, 
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_RSA_WITH_IDEA_CBC_SHA, 
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 
TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, 
SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, 
SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, 
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, 
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, 
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_RSA_EXPORT_WITH_RC4_40_MD5, 
TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, 
ansiX962_compressed_char2]
Extension elliptic_curves, curve names: {sect571r1, sect571k1, secp521r1, 
sect409k1, sect409r1, secp384r1, sect283k1, sect283r1, secp256k1, secp256r1, 
sect239k1, sect233k1, sect233r1, secp224k1, secp224r1, sect193r1, sect193r2, 
secp192k1, secp192r1, sect163k1, sect163r1, sect163r2, secp160k1, secp160r1, 
secp160r2}
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, Unknown 
(hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, 
signature:0x2), SHA384withECDSA, SHA256withRSA, Unknown (hash:0x4, 
signature:0x2), SHA256withECDSA, SHA224withRSA, Unknown (hash:0x3, 
signature:0x2), SHA224withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA, 
MD5withRSA
Unsupported extension type_15, data: 01
***
%% Initialized:  [Session-35, SSL_NULL_WITH_NULL_NULL]
http-bio-443-exec-8, handling exception: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
%% Invalidated:  [Session-35, SSL_NULL_WITH_NULL_NULL]
http-bio-443-exec-8, SEND TLSv1.2 ALERT:  fatal, description = internal_error
http-bio-443-exec-8, WRITE: TLSv1.2 Alert, length = 2
http-bio-443-exec-8, called closeSocket()
http-bio-443-exec-8, IOException in getSession():  javax.net.ssl.SSLException: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
http-bio-443-exec-8, called close()
http-bio-443-exec-8, called closeInternal(true)

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Florian Weimer
Sent: Thursday, December 19, 2013 9:09 AM
To: openssl-users@openssl.org
Subject: Re: OpenSSL 1.0.1e - OpenJDK/NSS interoperability issue?

On 12/17/2013 07:11 PM, Porter, Andrew wrote:

> and the Java app throws the exception:
>
> PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID

Can you provide a backtrace?

What's the JVM configuration?  Does it use the SunPKCS11 provider, or if not, 
how does it end up in NSS code?  (Some RHEL OpenJDK package versions change the 
default provider to SunPKCS11.)

--
Florian Weimer / Red Hat Product Security Team 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
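
The message above turns on which providers java.security actually enables, whatever the comment next to them says. The following is an added example, not part of the original thread or of OpenJDK: it parses a java.security file and reports active SunPKCS11 entries. The sample file is constructed, the function names are hypothetical, and it relies on the JDK reading security.provider.N entries consecutively from 1 and stopping at the first missing number.

```python
import re

# Constructed java.security excerpt; the SunPKCS11 entry mirrors the line
# quoted in the message, the other entries are filler for the numbering.
SAMPLE = """\
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
# the NSS security provider was not enabled for this build; it can be enabled
# if NSS (libnss3) is available on the machine.
security.provider.3=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
#security.provider.4=com.example.Disabled
"""

ENTRY = re.compile(r"^security\.provider\.(\d+)\s*[=:]\s*(\S+)\s*(.*)$")


def parse_providers(text):
    """Return {n: (class_name, argument)} for uncommented provider entries."""
    found = {}
    # Properties files allow a trailing backslash to continue a line.
    logical = re.sub(r"\\\n[ \t]*", "", text)
    for line in logical.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":  # '#' and '!' start comments
            continue
        m = ENTRY.match(line)
        if m:
            found[int(m.group(1))] = (m.group(2), m.group(3).strip())
    return found


def effective_providers(text):
    """Entries numbered 1, 2, 3, ... up to the first gap (assumed JDK behaviour)."""
    found, out, n = parse_providers(text), [], 1
    while n in found:
        out.append((n,) + found[n])
        n += 1
    return out


def pkcs11_entries(text):
    """Active SunPKCS11 entries as (number, config-file argument)."""
    return [(n, arg) for n, cls, arg in effective_providers(text)
            if cls == "sun.security.pkcs11.SunPKCS11"]


if __name__ == "__main__":
    for n, arg in pkcs11_entries(SAMPLE):
        print(f"security.provider.{n}: SunPKCS11 active, config {arg}")
```

Commenting out an entry in the middle of the list also hides every higher-numbered provider, which is why the check walks the numbering rather than just grepping for uncommented lines.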