8149017: Delayed provider selection broken in RSA client key exchange
Reviewed-by: coffeys
This commit is contained in:
parent
666a2ae49a
commit
5669c583c4
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -115,10 +115,31 @@ final class RSAClientKeyExchange extends HandshakeMessage {
|
|||||||
|
|
||||||
byte[] encoded = null;
|
byte[] encoded = null;
|
||||||
try {
|
try {
|
||||||
|
boolean needFailover = false;
|
||||||
Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1);
|
Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1);
|
||||||
boolean needFailover = !KeyUtil.isOracleJCEProvider(
|
try {
|
||||||
cipher.getProvider().getName());
|
// Try UNWRAP_MODE mode firstly.
|
||||||
|
cipher.init(Cipher.UNWRAP_MODE, privateKey,
|
||||||
|
new TlsRsaPremasterSecretParameterSpec(
|
||||||
|
maxVersion.v, currentVersion.v),
|
||||||
|
generator);
|
||||||
|
|
||||||
|
// The provider selection can be delayed, please don't call
|
||||||
|
// any Cipher method before the call to Cipher.init().
|
||||||
|
needFailover = !KeyUtil.isOracleJCEProvider(
|
||||||
|
cipher.getProvider().getName());
|
||||||
|
} catch (InvalidKeyException | UnsupportedOperationException iue) {
|
||||||
|
if (debug != null && Debug.isOn("handshake")) {
|
||||||
|
System.out.println("The Cipher provider " +
|
||||||
|
cipher.getProvider().getName() +
|
||||||
|
" caused exception: " + iue.getMessage());
|
||||||
|
}
|
||||||
|
|
||||||
|
needFailover = true;
|
||||||
|
}
|
||||||
|
|
||||||
if (needFailover) {
|
if (needFailover) {
|
||||||
|
// Use DECRYPT_MODE and dispose the previous initialization.
|
||||||
cipher.init(Cipher.DECRYPT_MODE, privateKey);
|
cipher.init(Cipher.DECRYPT_MODE, privateKey);
|
||||||
boolean failed = false;
|
boolean failed = false;
|
||||||
try {
|
try {
|
||||||
@ -134,10 +155,7 @@ final class RSAClientKeyExchange extends HandshakeMessage {
|
|||||||
maxVersion.v, currentVersion.v,
|
maxVersion.v, currentVersion.v,
|
||||||
encoded, generator);
|
encoded, generator);
|
||||||
} else {
|
} else {
|
||||||
cipher.init(Cipher.UNWRAP_MODE, privateKey,
|
// the cipher should have been initialized
|
||||||
new TlsRsaPremasterSecretParameterSpec(
|
|
||||||
maxVersion.v, currentVersion.v),
|
|
||||||
generator);
|
|
||||||
preMaster = (SecretKey)cipher.unwrap(encrypted,
|
preMaster = (SecretKey)cipher.unwrap(encrypted,
|
||||||
"TlsRsaPremasterSecret", Cipher.SECRET_KEY);
|
"TlsRsaPremasterSecret", Cipher.SECRET_KEY);
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user