TLS 1.2 signature_algorithms extension processing
Florian Weimer
fweimer at redhat.com
Fri Nov 23 14:34:44 UTC 2012
On 11/23/2012 02:58 PM, Xuelei Fan wrote:
> On 11/23/2012 1:59 AM, Florian Weimer wrote:
>> Is the extension actually being processed?
> Yes.
>
>> sun.security.ssl.HandshakeHash.setCertificateVerifyAlg(String) appears
>> to have no effect because the cvAlg member is never read.
>>
> Need to clean up the code. We do not actually use the above code to
> verify CertificateVerify message for TLS 1.2.
Okay, I will try to come up with a patch.
--
Florian Weimer / Red Hat Product Security Team
More information about the security-dev
mailing list