Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2140

SSLSessionInfo.calculateKeySize(String cipherSuite) doesn't account for all cipher suits

    XMLWordPrintable

Details

    Description

      I noticed on a request where my cipher suite was

      TLS_AES_128_GCM_SHA256 

      the key size was being reported as 0.  The default method implementation for `calculateKeySize(String cipherSuite)` in the SSLSessionInfo doesn't appear to account for all possible cipher suites, thus the default value is simply 0. 

      Furthermore, this link from the java doc comment is now a dead link:

           * <p>
           * http://www.thesprawl.org/research/tls-and-ssl-cipher-suites/
           * </p> 

      Here is a list of all possible ciphers

      https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

       

      The big issue seems to be that not all cipher suites have the word "WITH_" in them.  For example, if Undertow was checking for just "AES_128" and not "WITH_AES_128_", it would have matched my cipher suite.

       

       

       

      Attachments

        Issue Links

          Activity

            People

              rhn-cservice-bbaranow Bartosz Baranowski
              bdw429s Brad Wood
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: