RFR [15] JDK-8215711, Missing key_share extension for (EC)DHE key exchange should alert missing_extension
Anthony Scarpino
anthony.scarpino at oracle.com
Sun Apr 5 20:41:35 UTC 2020
On 4/4/20 6:11 PM, Xuelei Fan wrote:
> Hi,
>
> Could I have the following update reviewed?
>
> http://cr.openjdk.java.net/~xuelei/8215711/webrev.00/
>
> In the current TLS implementation, if one of "supported_groups"
> extension and "key_share" extension is not present in the ClientHello
> handshake message, the internal_error alter will be used. Per the spec
> (RFC 8846), the alert should be "missing_extension" alert.
>
> The fuzzing test passed with this update. No new regression test
> (noreg-external).
>
> Thanks,
> Xuelei
The change looks fine. It looks like you implemented what is in section
9.2, and it looks like the absent methods will be called from the
consumeOnLoad() as all those extensions can be in a ClientHello msg.
thanks
Tony
More information about the security-dev
mailing list