Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2140

SSLSessionInfo.calculateKeySize(String cipherSuite) doesn't account for all cipher suits

    XMLWordPrintable

Details

    Description

      I noticed on a request where my cipher suite was

      TLS_AES_128_GCM_SHA256

      the key size was being reported as 0.  The default method implementation for `calculateKeySize(String cipherSuite)` in the SSLSessionInfo doesn't appear to account for all possible cipher suites, thus the default value is simply 0. 

      Furthermore, this link from the java doc comment is now a dead link:

           * <p>
     * http://www.thesprawl.org/research/tls-and-ssl-cipher-suites/
     * </p>

      Here is a list of all possible ciphers

      https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

       

      The big issue seems to be that not all cipher suites have the word "WITH_" in them.  For example, if Undertow was checking for just "AES_128" and not "WITH_AES_128_", it would have matched my cipher suite.

       

       

       

      Attachments

        Issue Links

          is caused by

          Bug - A problem which impairs or prevents the functions of the product. UNDERTOW-29 HttpServletRequest is missing javax.servlet.request.* attributes when request is secure

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component WFCORE-6057 Upgrade Undertow to 2.3.0.Final (CVE-2022-2764)

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved

          Component Upgrade - A task tracking an update to a bundled component WFCORE-6056 Upgrade Undertow to 2.3.0.Beta1

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Component Upgrade - A task tracking an update to a bundled component WFLY-17017 Upgrade Undertow to 2.3.0.Beta1

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Component Upgrade - A task tracking an update to a bundled component WFLY-17107 Upgrade Undertow legacy to 2.2.20.Final

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. UNDERTOW-1787 Issues when undertow is setup behind apache proxy

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Resolved

          Activity

            Public project attachment banner

              context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
              current Project key: UNDERTOW

              People

                rhn-cservice-bbaranow Bartosz Baranowski
                bdw429s Brad Wood
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: