Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
check keys as well of a credential or possession JDK-8145252-TLS13-branch
authorxuelei
Sat, 02 Jun 2018 07:24:25 -0700
branchJDK-8145252-TLS13-branch
changeset 56658 fe938437f7ba
parent 56657 c09b8b8c0017
child 56659 e5ed96e446ad
check keys as well of a credential or possession
src/java.base/share/classes/sun/security/ssl/CertificateVerify.java file | annotate | diff | comparison | revisions 
--- a/src/java.base/share/classes/sun/security/ssl/CertificateVerify.java	Fri Jun 01 13:23:11 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/CertificateVerify.java	Sat Jun 02 07:24:25 2018 -0700
@@ -126,7 +126,8 @@
                 }
             }
 
-            if (x509Credentials == null) {
+            if (x509Credentials == null ||
+                    x509Credentials.popPublicKey == null) {
                 shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
                     "No X509 credentials negotiated for CertificateVerify");
             }
@@ -230,7 +231,8 @@
                 }
             }
 
-            if (x509Possession == null) {
+            if (x509Possession == null ||
+                    x509Possession.popPrivateKey == null) {
                 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                     SSLLogger.fine(
                         "No X.509 credentials negotiated for CertificateVerify");
@@ -354,7 +356,8 @@
                 }
             }
 
-            if (x509Credentials == null) {
+            if (x509Credentials == null ||
+                    x509Credentials.popPublicKey == null) {
                 shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
                     "No X509 credentials negotiated for CertificateVerify");
             }
@@ -456,7 +459,8 @@
                 }
             }
 
-            if (x509Possession == null) {
+            if (x509Possession == null ||
+                    x509Possession.popPrivateKey == null) {
                 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                     SSLLogger.fine(
                         "No X.509 credentials negotiated for CertificateVerify");
@@ -604,7 +608,8 @@
                 }
             }
 
-            if (x509Credentials == null) {
+            if (x509Credentials == null ||
+                    x509Credentials.popPublicKey == null) {
                 shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
                     "No X509 credentials negotiated for CertificateVerify");
             }
@@ -694,7 +699,8 @@
                 }
             }
 
-            if (x509Possession == null) {
+            if (x509Possession == null ||
+                    x509Possession.popPrivateKey == null) {
                 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                     SSLLogger.fine(
                         "No X.509 credentials negotiated for CertificateVerify");
@@ -913,7 +919,8 @@
                 }
             }
 
-            if (x509Credentials == null) {
+            if (x509Credentials == null ||
+                    x509Credentials.popPublicKey == null) {
                 context.conContext.fatal(Alert.HANDSHAKE_FAILURE,
                     "No X509 credentials negotiated for CertificateVerify");
             }
@@ -1018,7 +1025,8 @@
                 }
             }
 
-            if (x509Possession == null) {
+            if (x509Possession == null ||
+                    x509Possession.popPrivateKey == null) {
                 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                     SSLLogger.fine(
                         "No X.509 credentials negotiated for CertificateVerify");
jdk-sandbox