JDK-8132942

ServerHandshaker should not throw SSLHandshakeException when CertificateStatus constructor is called with invalid arguments

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 9
    • Fix Version/s: 9
    • Component/s: security-libs

      Description

      The current implementation of OCSP stapling has ServerHandshaker trying to construct a CertificateStatus message, but if the arguments are invalid it throws SSLHandshakeException. This results in an unnecessary TLS fatal alert condition that could be handled more gracefully by checking the arguments before calling the constructor. There are at least a couple of ways invalid data could be handled:

      1. If the checks can happen before the ServerHello message is sent, simply do not assert status_request or status_request_v2.
      2. If the checks have to happen after ServerHello, do not construct and send a CertificateStatus message.

      Either approach is legal per the protocol; option 1 is probably the better solution, if feasible.
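
      A sketch of option 1, added here as an illustration and not taken from the JDK source or the eventual fix: the stapling data is checked before ServerHello is built, and anything unusable results in no extension being asserted rather than an exception. All class, enum and method names are hypothetical, and the rule that a missing end-entity response disables stapling is an assumption of the sketch.

```java
import java.util.List;

// Added illustration, not JDK source: every class, enum and method name is hypothetical.
public class StaplingPrecheck {
    enum Offered { NONE, STATUS_REQUEST, STATUS_REQUEST_V2_OCSP_MULTI }
    enum Reply { NOTHING, STATUS_REQUEST, STATUS_REQUEST_V2 }

    // OCSP responses are carried behind a 3-byte length field.
    static final int MAX_LEN = (1 << 24) - 1;

    // Runs before ServerHello is built. Responses are in certificate-chain
    // order, end-entity first; null or empty means "no response fetched".
    static Reply decide(Offered offered, List<byte[]> responses) {
        if (offered == null || offered == Offered.NONE
                || responses == null || responses.isEmpty()) {
            return Reply.NOTHING;
        }
        // Assumption of this sketch: without a usable end-entity response
        // there is nothing worth stapling in either mode.
        if (!usable(responses.get(0))) {
            return Reply.NOTHING;
        }
        if (offered == Offered.STATUS_REQUEST) {
            return Reply.STATUS_REQUEST;
        }
        // ocsp_multi: entries for other certificates may be empty, but an
        // oversized entry cannot be encoded, so decline rather than fail.
        for (byte[] r : responses) {
            if (r != null && r.length > MAX_LEN) {
                return Reply.NOTHING;
            }
        }
        return Reply.STATUS_REQUEST_V2;
    }

    static boolean usable(byte[] r) {
        return r != null && r.length > 0 && r.length <= MAX_LEN;
    }

    public static void main(String[] args) {
        byte[] sample = {1, 2, 3}; // constructed stand-in, not a real OCSP response
        System.out.println(decide(Offered.STATUS_REQUEST, List.of(sample)));
        System.out.println(decide(Offered.STATUS_REQUEST, List.of(new byte[0])));
        System.out.println(decide(Offered.STATUS_REQUEST_V2_OCSP_MULTI,
                List.of(sample, new byte[0])));
    }
}
```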

              People

              • Assignee:
                jnimeh Jamil Nimeh
                Reporter:
                jnimeh Jamil Nimeh