On 6/19/2019 8:17 PM, Anthony Scarpino wrote:
> On 6/19/19 5:02 PM, Xuelei Fan wrote:
>> Hi,
>> Could I get the following update reviewed?
>> http://cr.openjdk.java.net/~xuelei/8225766/webrev.01/
>> For TLS 1.2 and prior versions, the public key of an EC cert MUST use a
>> curve and point format supported by the client. But in TLS 1.3,
>> signature algorithms are negotiated independently via the
>> "signature_algorithms" extension. The JDK implementation does not
>> comply with this behavior change in TLS 1.3.
>> There is a corner case that the signature algorithm "ecdsa_sha1" does
>> not define the related curves. If the key uses an unsupported curve,
>> the peer cannot verify the signature. In this fix, a countermeasure
>> is introduced to mitigate the impact by checking that the curve used
>> for "ecdsa_sha1" is locally supported.
>> Please read the code for more details.
>> Thanks,
>> Xuelei
> The code looks fine. Just one nit in the comment that looks like you
> lost control of your fingers :-)
> X509Authentication.java
> 332 // independently via the "signature_algoriarethms" extension.
Oops, not sure how it could happen like this. I will correct it.
Thanks,
Xuelei
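
The selection rules described in the thread, as an added example that is not part of the original messages and is not the JDK's X509Authentication code. Curves are modelled as plain strings, and the class name, method names and sample values are hypothetical; the three curve-bound scheme names are the ECDSA schemes defined in RFC 8446.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;

// Added illustration of the rules discussed in the thread; not JDK source.
public class EcCertCheck {
    // TLS 1.3 ECDSA signature schemes that name their curve (RFC 8446, 4.2.3).
    static final Map<String, String> CURVE_OF = Map.of(
        "ecdsa_secp256r1_sha256", "secp256r1",
        "ecdsa_secp384r1_sha384", "secp384r1",
        "ecdsa_secp521r1_sha512", "secp521r1");

    // TLS 1.2 and prior: the key's curve must be one the client supports.
    static boolean usableTls12(String keyCurve, Set<String> clientCurves) {
        return clientCurves.contains(keyCurve);
    }

    // TLS 1.3: return the first scheme from the peer's "signature_algorithms"
    // that fits the key's curve, or null if none does.
    static String matchTls13(String keyCurve, List<String> peerSchemes,
                             Set<String> localCurves) {
        for (String scheme : peerSchemes) {
            String bound = CURVE_OF.get(scheme);
            if (bound != null && bound.equals(keyCurve)) {
                return scheme;            // the scheme itself fixes the curve
            }
            // "ecdsa_sha1" names no curve, so fall back to the countermeasure
            // from the thread: accept only a locally supported curve.
            if (scheme.equals("ecdsa_sha1") && localCurves.contains(keyCurve)) {
                return scheme;
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the webrev.
        Set<String> clientCurves = Set.of("x25519", "secp256r1");
        Set<String> localCurves = Set.of("secp256r1", "secp384r1", "secp521r1");
        List<String> modern = List.of("ecdsa_secp256r1_sha256", "ecdsa_secp384r1_sha384");
        List<String> legacy = List.of("ecdsa_sha1");

        System.out.println(usableTls12("secp384r1", clientCurves));
        System.out.println(matchTls13("secp384r1", modern, localCurves));
        System.out.println(matchTls13("secp384r1", legacy, localCurves));
        System.out.println(matchTls13("sect163k1", legacy, localCurves));
    }
}
```

The first two calls show the same secp384r1 key being rejected by the TLS 1.2 curve rule yet accepted under TLS 1.3 because the peer advertised a matching scheme; the last call shows the "ecdsa_sha1" check refusing a curve that is not locally supported.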