JDK-8132942

ServerHandshaker should not throw SSLHandshakeException when CertificateStatus constructor is called with invalid arguments


    • Type: Bug
    • Resolution: Fixed
    • Priority: P4
    • 9
    • 9
    • security-libs

      The current implementation for OCSP stapling has ServerHandshaker trying to construct a CertificateStatus message, but if the arguments are invalid it throws SSLHandshakeException. This results in an unnecessary TLS fatal alert condition which could be handled more gracefully by checking the arguments before calling the constructor. There are at least a couple ways invalid data could be handled:

      1. If the checks can happen before the ServerHello message is sent, simply do not assert status_request or status_request_v2.
      2. If the checks have to happen after ServerHello, do not construct and send a CertificateStatus message.

      Either approach is legal per the protocol; option 1 is probably the better solution, if feasible.

            jnimeh Jamil Nimeh
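The two options from the description as a decision function, added here as an illustration and not taken from the JDK sources. The class and method names and the validity rule (a non-empty end-entity response, no more responses than certificates) are assumptions.

```java
import java.util.List;

// Added illustration. All names here are hypothetical; this is not JSSE code.
public class StaplingDecision {
    enum StatusType { NONE, OCSP, OCSP_MULTI } // status_request, status_request_v2

    // What the server does with the extension and the CertificateStatus message.
    record Plan(boolean assertExtension, boolean sendCertificateStatus) {}

    // Assumed validity rule: no more responses than certificates, and a
    // non-empty response for the end-entity certificate (index 0).
    static boolean usable(StatusType type, int chainLength, List<byte[]> responses) {
        if (type == StatusType.NONE || responses == null || responses.isEmpty()) return false;
        if (responses.size() > chainLength) return false;
        if (type == StatusType.OCSP && responses.size() != 1) return false;
        byte[] leaf = responses.get(0);
        return leaf != null && leaf.length > 0;
    }

    // Option 1: decide before ServerHello is written. Invalid data means the
    // extension is not asserted and no CertificateStatus follows.
    static Plan beforeServerHello(StatusType type, int chainLength, List<byte[]> responses) {
        boolean ok = usable(type, chainLength, responses);
        return new Plan(ok, ok);
    }

    // Option 2: the extension is already in ServerHello. Invalid data means
    // the CertificateStatus message is skipped instead of raising a fatal alert.
    static Plan afterServerHello(StatusType type, int chainLength, List<byte[]> responses) {
        return new Plan(true, usable(type, chainLength, responses));
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not real OCSP responses.
        List<byte[]> good = List.of(new byte[] {0x30, 0x03, 0x0a, 0x01, 0x00});
        List<byte[]> empty = List.of(new byte[0]);
        System.out.println(beforeServerHello(StatusType.OCSP, 2, good));
        System.out.println(beforeServerHello(StatusType.OCSP, 2, empty));
        System.out.println(afterServerHello(StatusType.OCSP, 2, empty));
    }
}
```

In both paths the handshake continues without stapling when the data is unusable; the client then falls back to its own revocation checking policy.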