RandomCookie.java (was Re: Code Review Request: TLS 1.3 Implementation)
Xuelei Fan
xuelei.fan at oracle.com
Wed Jun 6 16:41:20 UTC 2018
Update: http://hg.openjdk.java.net/jdk/sandbox/rev/cf2370de8673
This update will be included in the next webrev for further code review
if needed.
Thanks,
Xuelei
On 6/6/2018 9:19 AM, Xuelei Fan wrote:
> On 6/5/2018 10:37 PM, Weijun Wang wrote:
>> RandomCookie.java:
>>
>> + private boolean isT12Downgrade() {
>> + return Arrays.equals(randomBytes, 24, 31, t12Protection, 0, 7);
>> + }
>> +
>> + private boolean isT11Downgrade() {
>> + return Arrays.equals(randomBytes, 24, 31, t11Protection, 0, 7);
>> + }
>>
>> The "to" in Arrays::equals is exclusive, so please update 31 -> 32, 7
>> -> 8.
>>
> Good catch!
More information about the security-dev
mailing list