[cp-patches] FYI: fix keyUsage bit checking

Casey Marshall csm at gnu.org
Fri Mar 23 04:53:20 UTC 2007


Our SSL client implementation was just passing the certificate to the  
RSA cipher, in the RSA key exchange. This implicitly checks the  
`dataEncipherment' bit of the certificate's keyUsage field, which  
isn't correct. The correct test is for the `keyEncipherment' bit.

2007-03-22  Casey Marshall  <csm at gnu.org>

	* gnu/javax/net/ssl/provider/ClientHandshake.java (RSAGen.implRun):
	check keyEncipherment bit of the certificate, and just pass the public
	key to the cipher.

Committed.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl-keyusage.patch
Type: application/octet-stream
Size: 1162 bytes
Desc: not available
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20070322/ef90460a/ssl-keyusage.obj


More information about the Classpath-patches mailing list