-
Bug
-
Resolution: Fixed
-
P4
-
8, 11
-
b01
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8339215 | 8u441 | Nibedita Jena | P4 | Resolved | Fixed | b01 |
Ben Smyth reported this on the security-dev mailing list https://mail.openjdk.org/pipermail/security-dev/2022-June/031003.html:
We have
// extensions defined in RFC 7250
CLIENT_CERT_TYPE (0x0013, "padding"),
SERVER_CERT_TYPE (0x0014, "server_certificate_type"),
// extensions defined in RFC 7685
PADDING (0x0015, "client_certificate_type"),
We should have
// extensions defined in RFC 7250
CLIENT_CERT_TYPE (0x0013, "client_certificate_type"),
SERVER_CERT_TYPE (0x0014, "server_certificate_type"),
// extensions defined in RFC 7685
PADDING (0x0015, "padding"),
This issue has been fixed in Java 16 and above but is still an issue in lower versions like Java 8 and Java 11.
We have
// extensions defined in RFC 7250
CLIENT_CERT_TYPE (0x0013, "padding"),
SERVER_CERT_TYPE (0x0014, "server_certificate_type"),
// extensions defined in RFC 7685
PADDING (0x0015, "client_certificate_type"),
We should have
// extensions defined in RFC 7250
CLIENT_CERT_TYPE (0x0013, "client_certificate_type"),
SERVER_CERT_TYPE (0x0014, "server_certificate_type"),
// extensions defined in RFC 7685
PADDING (0x0015, "padding"),
This issue has been fixed in Java 16 and above but is still an issue in lower versions like Java 8 and Java 11.
- backported by
-
JDK-8339215 SSLExtension has incorrect name for PADDING and CLIENT_CERT_TYPE
-
- Resolved
-
- relates to
-
JDK-8166596 TLS support for the EdDSA signature algorithm
-
- Resolved
-