[cp-patches] FYI: fix keyUsage bit checking
csm at gnu.org
Fri Mar 23 04:53:20 UTC 2007
Our SSL client implementation was just passing the certificate to the
RSA cipher, in the RSA key exchange. This implicitly checks the
`dataEncipherment' bit of the certificate's keyUsage field, which
isn't correct. The correct test is for the `keyEncipherment' bit.
2007-03-22 Casey Marshall <csm at gnu.org>
* gnu/javax/net/ssl/provider/ClientHandshake.java (RSAGen.implRun):
check keyEncipherment bit of the certificate, and just pass the public
key to the cipher.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1162 bytes
Desc: not available
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20070322/ef90460a/ssl-keyusage.obj
More information about the Classpath-patches