RFR (RFE-13): JDK-8224520: Support X25519 and X448 in TLS
Xuelei Fan
xuelei.fan at oracle.com
Fri Jun 7 15:40:02 UTC 2019
On 6/6/2019 1:27 PM, Bradford Wetmore wrote:
> Webrev: http://cr.openjdk.java.net/~wetmore/8171279/webrev.00/
CipherSuite.java
DHClientKeyExchange.java
DHKeyExchange.java
DHServerKeyExchange.java
-------------------------
Looks good to me.
ECDHClientKeyExchange.java
--------------------------
185 String name =
((NamedParameterSpec)params).getName();
186 namedGroup = NamedGroup.valueOf(name);
292 namedGroup =
NamedGroup.valueOf(namedParams.getName());
The enum builtin method valueOf(String) is used. There is not problem
here. But as requires the enum name in NamedGroup is exactly the same as
the name defined in NamedParameterSpec. It might be a potential risk
for future update of the names.
I was wondering, it might be less risky if define a method:
NamedGroup.valueOf(NamedParameterSpec), rather than using the enum
builtin valueOf(String).
I'm fine if you want to keep it.
Otherwise, looks fine to me.
ECDHKeyExchange.java
--------------------
471 break search;
The use of break label branching makes me a little bit nervous. I'm
fine if you like it.
Otherwise, looks fine to me.
ECDHServerKeyExchange.java
ECPointFormatsExtension.java
HandshakeContext.java
KeyShareExtension.java
SSLExtension.java (Thanks for adding more comments)
SSLKeyExchange.java
SSLSocketInputRecord.java
SignatureScheme.java
SupportedGroupsExtension.java
TransportContext.java
Utilities.java
X509Authentication.java
XDHKeyAgreement.java
XECParameters.java
SSLSocketTemplate.java
KAKeyDerivation.java
NamedGroup.java
NamedGroupCredentials.java
NamedGroupPossession.java
XDHKeyExchange.java
SupportedGroups.java
--------------------
All looks fine to me.
Great work! Simple and straightforward update!
Thanks,
Xuelei
More information about the security-dev
mailing list