archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 23:34:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

8232424: More constrained algorithms

Browse source 
Reviewed-by: jnimeh, rhalade, ahgross
This commit is contained in:
Xue-Lei Andrew Fan 2019-10-28 10:43:58 -07:00
parent 6c16f55fde
commit e6304dcaad
4 changed files with 26 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/java.base/share/classes/sun/security/ssl/KeyShareExtension.java
View file

@ -336,7 +336,7 @@ final class KeyShareExtension {
for (KeyShareEntry entry : spec.clientShares) {
NamedGroup ng = NamedGroup.valueOf(entry.namedGroupId);
if (ng == null || !SupportedGroups.isActivatable(
shc.sslConfig.algorithmConstraints, ng)) {
shc.algorithmConstraints, ng)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Ignore unsupported named group: " +
@ -620,7 +620,7 @@ final class KeyShareExtension {
KeyShareEntry keyShare = spec.serverShare;
NamedGroup ng = NamedGroup.valueOf(keyShare.namedGroupId);
if (ng == null || !SupportedGroups.isActivatable(
chc.sslConfig.algorithmConstraints, ng)) {
chc.algorithmConstraints, ng)) {
throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
"Unsupported named group: " +
NamedGroup.nameOf(keyShare.namedGroupId));
@ -762,7 +762,7 @@ final class KeyShareExtension {
NamedGroup selectedGroup = null;
for (NamedGroup ng : shc.clientRequestedNamedGroups) {
if (SupportedGroups.isActivatable(
shc.sslConfig.algorithmConstraints, ng)) {
shc.algorithmConstraints, ng)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"HelloRetryRequest selected named group: " +