ServerHandshaker should not throw SSLHandshakeException when CertificateStatus constructor is called with invalid arguments


    • Type: Bug
    • Resolution: Fixed
    • Priority: P4
    • 9
    • Affects Version/s: 9
    • Component/s: security-libs

      The current implementation for OCSP stapling has ServerHandshaker trying to construct a CertificateStatus message, but if the arguments are invalid it throws SSLHandshakeException. This results in an unnecessary TLS fatal alert condition which could be handled more gracefully by checking the arguments before calling the constructor. There are at least a couple of ways invalid data could be handled:

      1. If the checks can happen before the ServerHello message is sent, simply do not assert status_request or status_request_v2.
      2. If the checks have to happen after ServerHello, do not construct and send a CertificateStatus message.

      Either approach is legal per the protocol; option 1 is probably the better solution, if feasible.
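
A sketch of option 1 as an added example; it is not the JDK's ServerHandshaker code, and the class, enum and method names are hypothetical. It assumes "invalid" means a missing or zero-length OCSP response, following the length rules of RFC 6066 (`ocsp`) and RFC 6961 (`ocsp_multi`), and it prefers status_request_v2 when the client offers both.

```java
import java.util.EnumSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

public class StaplingDecision {
    enum StatusType { OCSP, OCSP_MULTI }   // status_request / status_request_v2
    enum Decision { STAPLE_OCSP, STAPLE_OCSP_MULTI, NO_STAPLING }

    // Runs before ServerHello is built. chain.get(0) is the end-entity
    // certificate; responses maps a certificate name to its encoded response.
    static Decision decide(Set<StatusType> offered, List<String> chain,
                           Map<String, byte[]> responses) {
        if (chain.isEmpty() || responses == null) {
            return Decision.NO_STAPLING;
        }
        // ocsp_multi allows zero-length entries for individual certificates,
        // so one usable response anywhere in the chain is enough to assert it.
        if (offered.contains(StatusType.OCSP_MULTI)
                && chain.stream().anyMatch(c -> usable(responses.get(c)))) {
            return Decision.STAPLE_OCSP_MULTI;
        }
        // Plain ocsp carries a single response for the end-entity certificate,
        // and that response must be at least one byte long.
        if (offered.contains(StatusType.OCSP)
                && usable(responses.get(chain.get(0)))) {
            return Decision.STAPLE_OCSP;
        }
        // Nothing valid to staple: leave the extension out of ServerHello and
        // send no CertificateStatus, so the handshake continues without an alert.
        return Decision.NO_STAPLING;
    }

    static boolean usable(byte[] response) {
        return response != null && response.length > 0;
    }

    public static void main(String[] args) {
        // Constructed sample data: names stand in for X509Certificate objects,
        // and the bytes are a placeholder, not a real OCSP response.
        List<String> chain = List.of("CN=server", "CN=intermediate");
        byte[] resp = {0x30, 0x03, 0x0a, 0x01, 0x00};
        Set<StatusType> both = EnumSet.allOf(StatusType.class);
        Set<StatusType> v1Only = EnumSet.of(StatusType.OCSP);

        System.out.println(decide(both, chain, Map.of("CN=server", resp)));
        System.out.println(decide(v1Only, chain, Map.of("CN=intermediate", resp)));
        System.out.println(decide(v1Only, chain, Map.of("CN=server", new byte[0])));
        System.out.println(decide(both, chain, Map.of()));
    }
}
```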

            Assignee:
            Jamil Nimeh
            Reporter:
            Jamil Nimeh