src/java.base/share/classes/sun/security/ssl/ECPointFormatsExtension.java

rev 54061 : 8226374: Restrict TLS signature schemes and named groups
Reviewed-by: mullan

*** 32,42 ****
  import javax.net.ssl.SSLProtocolException;
  import static sun.security.ssl.SSLExtension.CH_EC_POINT_FORMATS;
  import sun.security.ssl.SSLExtension.ExtensionConsumer;
  import sun.security.ssl.SSLExtension.SSLExtensionSpec;
  import sun.security.ssl.SSLHandshake.HandshakeMessage;
! import sun.security.ssl.NamedGroup.NamedGroupType;
  
  /**
   * Pack of the "ec_point_formats" extensions [RFC 4492].
   */
  final class ECPointFormatsExtension {
--- 32,42 ----
  import javax.net.ssl.SSLProtocolException;
  import static sun.security.ssl.SSLExtension.CH_EC_POINT_FORMATS;
  import sun.security.ssl.SSLExtension.ExtensionConsumer;
  import sun.security.ssl.SSLExtension.SSLExtensionSpec;
  import sun.security.ssl.SSLHandshake.HandshakeMessage;
! import sun.security.ssl.NamedGroup.NamedGroupSpec;
  
  /**
   * Pack of the "ec_point_formats" extensions [RFC 4492].
   */
  final class ECPointFormatsExtension {
*** 177,187 ****
              }
  
              // Produce the extension.
              //
              // produce the extension only if EC cipher suite is activated.
!             if (NamedGroupType.NAMED_GROUP_ECDHE.isSupported(
                      chc.activeCipherSuites)) {
                  // We are using uncompressed ECPointFormat only at present.
                  byte[] extData = new byte[] {0x01, 0x00};
  
                  // Update the context.
--- 177,187 ----
              }
  
              // Produce the extension.
              //
              // produce the extension only if EC cipher suite is activated.
!             if (NamedGroupSpec.NAMED_GROUP_ECDHE.isSupported(
                      chc.activeCipherSuites)) {
                  // We are using uncompressed ECPointFormat only at present.
                  byte[] extData = new byte[] {0x01, 0x00};
  
                  // Update the context.