src/java.base/share/classes/sun/security/ssl/ECDHServerKeyExchange.java
rev 54061 : 8226374: Restrict TLS signature schemes and named groups
Reviewed-by: mullan
*** 37,46 ****
--- 37,47 ----
import java.security.Signature;
import java.security.SignatureException;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.Map;
+ import sun.security.ssl.NamedGroup.NamedGroupSpec;
import sun.security.ssl.SSLHandshake.HandshakeMessage;
import sun.security.ssl.SupportedGroupsExtension.SupportedGroups;
import sun.security.ssl.X509Authentication.X509Credentials;
import sun.security.ssl.X509Authentication.X509Possession;
import sun.security.util.HexDumpEncoder;
*** 109,125 ****
"No ECDHE credentials negotiated for server key exchange");
}
// Find the NamedGroup used for the ephemeral keys.
namedGroup = namedGroupPossession.getNamedGroup();
publicPoint = namedGroup.encodePossessionPublicKey(
namedGroupPossession);
!
! if ((namedGroup == null) || (namedGroup.oid == null) ) {
// unlikely
throw shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
! "Missing Named Group");
}
if (x509Possession == null) {
// anonymous, no authentication, no signature
paramsSignature = null;
--- 110,131 ----
"No ECDHE credentials negotiated for server key exchange");
}
// Find the NamedGroup used for the ephemeral keys.
namedGroup = namedGroupPossession.getNamedGroup();
+ if ((namedGroup == null) || (!namedGroup.isAvailable)) {
+ // unlikely
+ throw shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
+ "Missing or improper named group: " + namedGroup);
+ }
+
publicPoint = namedGroup.encodePossessionPublicKey(
namedGroupPossession);
! if (publicPoint == null) {
// unlikely
throw shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
! "Missing public point for named group: " + namedGroup);
}
if (x509Possession == null) {
// anonymous, no authentication, no signature
paramsSignature = null;
*** 130,139 ****
--- 136,146 ----
shc.negotiatedProtocol.useTLS12PlusSpec();
Signature signer = null;
if (useExplicitSigAlgorithm) {
Map.Entry<SignatureScheme, Signature> schemeAndSigner =
SignatureScheme.getSignerOfPreferableAlgorithm(
+ shc.algorithmConstraints,
shc.peerRequestedSignatureSchemes,
x509Possession,
shc.negotiatedProtocol);
if (schemeAndSigner == null) {
// Unlikely, the credentials generator should have
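Review bot: In the second hunk (old lines 109–125) both new guards raise `Alert.ILLEGAL_PARAMETER`, yet the conditions they catch — `namedGroupPossession` yielding a null or unavailable group, and `encodePossessionPublicKey` returning null — are the server's own state rather than anything the peer sent, so `Alert.INTERNAL_ERROR` would be the accurate alert and would not tell the client that its parameters were rejected. The `isAvailable` check on a group that has already produced a possession is not self-explanatory; if the intent is to catch a group disabled by constraints after the possession was generated, a comment such as `// a possession may exist for a group that constraints have since disabled; do not send it` would make that clear. Note also that the first message prints `null` when namedGroup is null, which is harmless but reads oddly as "named group: null". The enclosing constructor starts and ends outside the hunk.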