procyberian/gcc
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ClientHandshake.java (RSAGen.implRun): check keyEncipherment bit of the certificate...

Browse source 
2007-03-28  Casey Marshall  <csm@gnu.org>

	* gnu/javax/net/ssl/provider/ClientHandshake.java (RSAGen.implRun):
	check keyEncipherment bit of the certificate, and just pass the public
	key to the cipher.

From-SVN: r123307
This commit is contained in:
Casey Marshall 2007-03-28 18:25:07 +00:00 committed by Tom Tromey
parent 8eced3a2a9
commit 5a953bf101
4 changed files with 13 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
libjava/classpath/ChangeLog
View file

@ -1,3 +1,9 @@
2007-03-28 Casey Marshall <csm@gnu.org>
* gnu/javax/net/ssl/provider/ClientHandshake.java (RSAGen.implRun):
check keyEncipherment bit of the certificate, and just pass the public
key to the cipher.
2007-03-27 Casey Marshall <csm@gnu.org>
PR classpath/31302:

8
libjava/classpath/gnu/javax/net/ssl/provider/ClientHandshake.java
View file

@ -1082,7 +1082,13 @@ outer_loop:
Cipher rsa = Cipher.getInstance("RSA");
java.security.cert.Certificate cert
= engine.session().getPeerCertificates()[0];
rsa.init(Cipher.ENCRYPT_MODE, cert);
if (cert instanceof X509Certificate)
{
boolean[] keyUsage = ((X509Certificate) cert).getKeyUsage();
if (keyUsage != null && !keyUsage[2])
throw new InvalidKeyException("certificate's keyUsage does not permit keyEncipherment");
}
rsa.init(Cipher.ENCRYPT_MODE, cert.getPublicKey());
encryptedPreMasterSecret = rsa.doFinal(preMasterSecret);
// Generate our session keys, because we can.

BIN
libjava/classpath/lib/gnu/javax/net/ssl/provider/ClientHandshake$GenCertVerify.class
View file

Binary file not shown.

BIN
libjava/classpath/lib/gnu/javax/net/ssl/provider/ClientHandshake$RSAGen.class
View file

Binary file not shown.