On Mon, 22 Sep 2025 20:20:19 GMT, Alice Pellegrini <[email protected]> wrote:

> According to RFC 8446 section 5.4, third paragraph
>> Application Data records may contain a zero-length
>> TLSInnerPlaintext.content if the sender desires. This permits
>> generation of plausibly sized cover traffic in contexts where the
>> presence or absence of activity may be sensitive. Implementations
>> MUST NOT send Handshake and Alert records that have a zero-length
>> TLSInnerPlaintext.content; if such a message is received, the
>> receiving implementation MUST terminate the connection with an
>> "unexpected_message" alert.
>
>
> The proposed change removes an off by 1 error in the SSLCipher
> implementation, forces the correct Alert message to be sent in response to
> zero-length Alert fragments, as well as updating some tests which detected
> the BadPaddingException but now detect an SSLProtocolException, which is
> thrown by `TransportContext.fatal`

This pull request has now been integrated.

Changeset: ba44656b
Author:    Alice Pellegrini <[email protected]>
Committer: Daniel Jeliński <[email protected]>
URL:       https://git.openjdk.org/jdk/commit/ba44656b97b7103d96718452e300df8a6bd59c87
Stats:     24 lines in 4 files changed: 10 ins; 1 del; 13 mod

8366454: TLS1.3 server fails with bad_record_mac when receiving encrypted records with empty body

Co-authored-by: Daniel Jeliński <[email protected]>
Reviewed-by: djelinski

-------------

PR: https://git.openjdk.org/jdk/pull/27438
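
The RFC 8446 section 5.4 rule quoted in the message above, as an added example that is not part of the original mail and is not OpenJDK's `SSLCipher` code: it parses a decrypted TLSInnerPlaintext, accepts empty Application Data, and maps empty Alert or Handshake content to `unexpected_message`. The class, record and method names are hypothetical and the sample plaintexts are constructed.

```java
import java.util.Arrays;

// Added example, not OpenJDK code; all names here are hypothetical.
public class InnerPlaintextCheck {
    static final int ALERT = 21, HANDSHAKE = 22, APPLICATION_DATA = 23;

    record Inner(int contentType, byte[] content) {}

    static class UnexpectedMessage extends Exception {
        UnexpectedMessage(String why) { super("unexpected_message: " + why); }
    }

    // Input is the AEAD-decrypted record body: content || ContentType || zeros*
    static Inner parse(byte[] plaintext) throws UnexpectedMessage {
        int i = plaintext.length - 1;
        while (i >= 0 && plaintext[i] == 0) i--;   // strip zero padding from the end
        if (i < 0) {
            // RFC 8446 5.4: no non-zero octet found in the cleartext
            throw new UnexpectedMessage("no content type octet");
        }
        int type = plaintext[i] & 0xFF;
        // i is the index of the type octet, so it is also the content length.
        // i == 0 is a legal result; an off-by-one at this boundary would
        // reject valid empty Application Data records.
        byte[] content = Arrays.copyOfRange(plaintext, 0, i);
        if (content.length == 0 && (type == ALERT || type == HANDSHAKE)) {
            throw new UnexpectedMessage("zero-length content, type " + type);
        }
        return new Inner(type, content);
    }

    public static void main(String[] args) {
        byte[][] samples = {           // constructed sample plaintexts
            {23},                      // empty application data, no padding
            {23, 0, 0, 0},             // empty application data, padded
            {'h', 'i', 23, 0},         // two bytes of application data
            {21, 0, 0},                // empty alert: must be rejected
            {0, 0, 0},                 // all zeros: must be rejected
        };
        for (byte[] s : samples) {
            try {
                Inner r = parse(s);
                System.out.println(Arrays.toString(s) + " -> type " + r.contentType()
                        + ", " + r.content().length + " content bytes");
            } catch (UnexpectedMessage e) {
                System.out.println(Arrays.toString(s) + " -> " + e.getMessage());
            }
        }
    }
}
```

A regression test for a TLS 1.3 receiver can use the first two samples as the positive cases and the last two as the cases that must produce `unexpected_message` rather than `bad_record_mac`.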
