Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8240190

Unsupported named group could be used in the key share extension

    Details

    • Type: Bug
    • Status: Open
    • Priority: P3
    • Resolution: Unresolved
    • Affects Version/s: 8u-tls13-repo, 11, 15
    • Fix Version/s: 16
    • Component/s: security-libs
    • Labels:

      Description

       If TLS 1.2 or previous versions is enabled together with TLS 1.3, the key share extension may use TLS 1.3 unsupported named groups. If only TLS 1.3 get enabled, the ClientHello could be generated without the key share extension, rather than throw exception immediately.

        Attachments

          Activity

            People

            • Assignee:
              xuelei Xue-Lei Fan
              Reporter:
              xuelei Xue-Lei Fan
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: