Other than my nit about the “make the compiler happy”, this all looks fine.
For KeyUpdate, shouldn’t it never be null given the suite and protocol are already known good? I have not problem with the check to be cautious even if it should never happen. Tony > On Dec 14, 2018, at 9:00 AM, Xue-Lei Fan <[email protected]> wrote: > > Hi, > > Could I have the fix reviewed? > http://cr.openjdk.java.net/~xuelei/8213782/webrev.00/ > > The SSLCipher.createReadCipher() and createWriteCipher() could return null if > the cipher is not supported or the cipher is not available for a certain > protocol version. The caller should check the null value, and send back a > "illegal_parameter" alert for such cases. > > I did not add new regression test. The update is straightforward, while > constructing an illegal handshake message for such cases is complicated. > > Thanks, > Xuelei
