Hi,
When Finished message is validated failed, illegal_parameter is raised
currently. But per RFC 8446 section 6.2, this error should alert
decrypt_error.
And according to the same section, if the length of verify_data in
Finished is incorrect, it should alert decode_error rather than
illegal_parameter.
This fix is verified by fuzzing testing, but it's hard to add a new
regression test.
Webrev: http://cr.openjdk.java.net/~jjiang/8215524/webrev.00/
Issue: https://bugs.openjdk.java.net/browse/JDK-8215524
Best regards,
John Jiang
