archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8226374: Restrict TLS signature schemes and named groups

Browse source 
Reviewed-by: mullan
This commit is contained in:
Xue-Lei Andrew Fan 2019-08-12 21:36:29 -07:00
parent de8ce983b3
commit 316140ff92
18 changed files with 810 additions and 626 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/java.base/share/classes/sun/security/ssl/ECPointFormatsExtension.java
View file

@ -34,7 +34,7 @@ import static sun.security.ssl.SSLExtension.CH_EC_POINT_FORMATS;
import sun.security.ssl.SSLExtension.ExtensionConsumer;
import sun.security.ssl.SSLExtension.SSLExtensionSpec;
import sun.security.ssl.SSLHandshake.HandshakeMessage;
import sun.security.ssl.NamedGroup.NamedGroupType;
import sun.security.ssl.NamedGroup.NamedGroupSpec;
/**
* Pack of the "ec_point_formats" extensions [RFC 4492].
@ -179,7 +179,7 @@ final class ECPointFormatsExtension {
// Produce the extension.
//
// produce the extension only if EC cipher suite is activated.
if (NamedGroupType.NAMED_GROUP_ECDHE.isSupported(
if (NamedGroupSpec.NAMED_GROUP_ECDHE.isSupported(
chc.activeCipherSuites)) {
// We are using uncompressed ECPointFormat only at present.
byte[] extData = new byte[] {0x01, 0x00};