There are several places you write
// DTLS bans stream ciphers.
if (suite.cipher.cipherType == CipherType.STREAM_CIPHER) {
return true;
}
According to rfc6347
4.1.2.5. New Cipher Suites
Upon registration, new TLS cipher suites MUST indicate whether they
are suitable for DTLS usage and what, if any, adaptations must be
made (see Section 7 for IANA considerations).
Is it better to add a suitableForDTLS() method to CipherSuite? You can
choose a better name.
In CipherSuite.java, there are
// obsoleted since protocol version
final int obsoleted;
// supported since protocol version
final int supported;
You might want to add a comment that the version must uses TLS versions
(not DTLS versions).
--Max
On 5/21/2015 9:25 AM, Xuelei Fan wrote:
Hi,
Please review DTLS implementation [JEP-219/JDK-8043758]:
webrev: http://cr.openjdk.java.net/~xuelei/8043758/webrev.latest/
JBS: https://bugs.openjdk.java.net/browse/JDK-8043758
I would greatly appreciate it if you could send me feedback on or before
May 28, 2015.
Thanks & Regards,
Xuelei Fan
