Code Review Request, JDK-8213782: NullPointerException in

Xue-Lei Fan at
Fri Dec 14 17:00:02 UTC 2018


Could I have the fix reviewed?

The SSLCipher.createReadCipher() and createWriteCipher() could return 
null if the cipher is not supported or the cipher is not available for a 
certain protocol version.  The caller should check the null value, and 
send back a "illegal_parameter" alert for such cases.

I did not add new regression test. The update is straightforward, while 
constructing an illegal handshake message for such cases is complicated.


More information about the security-dev mailing list