Our SSL client implementation was just passing the certificate to the RSA cipher, in the RSA key exchange. This implicitly checks the `dataEncipherment' bit of the certificate's keyUsage field, which isn't correct. The correct test is for the `keyEncipherment' bit.

2007-03-22  Casey Marshall  <[EMAIL PROTECTED]>

        * gnu/javax/net/ssl/provider/ClientHandshake.java (RSAGen.implRun):
        check keyEncipherment bit of the certificate, and just pass the public
        key to the cipher.

Committed.

Attachment: ssl-keyusage.patch
Description: Binary data
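The check the message describes, as an added example (not the Classpath patch, whose attachment is not shown here): test the keyEncipherment bit explicitly, then initialise the RSA cipher with the public key rather than the certificate. The class and method names are hypothetical, and the method takes the array that `X509Certificate.getKeyUsage()` would return, so the constructed inputs run without a certificate file.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;

public class KeyUsageCheck {   // hypothetical name, not from the Classpath source
    // Index of keyEncipherment in X509Certificate.getKeyUsage() (bit 2 in RFC 5280).
    static final int KEY_ENCIPHERMENT = 2;

    // keyUsage is the value of X509Certificate.getKeyUsage(): null when the
    // extension is absent, otherwise one boolean per keyUsage bit.
    static boolean allowsKeyEncipherment(boolean[] keyUsage) {
        if (keyUsage == null) return true;   // no extension, so no restriction
        return keyUsage.length > KEY_ENCIPHERMENT && keyUsage[KEY_ENCIPHERMENT];
    }

    // RSA key exchange: encrypt the pre-master secret under the server's key,
    // after an explicit keyEncipherment test.
    static byte[] encryptPreMaster(boolean[] keyUsage, PublicKey key, byte[] pms)
            throws GeneralSecurityException {
        if (!allowsKeyEncipherment(keyUsage))
            throw new CertificateException("keyUsage lacks keyEncipherment");
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, key);  // public key only: no implicit keyUsage test
        return rsa.doFinal(pms);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();  // constructed stand-in for the server key
        byte[] pms = new byte[48];           // constructed pre-master secret
        new SecureRandom().nextBytes(pms);
        // Constructed keyUsage values: digitalSignature + keyEncipherment, then
        // digitalSignature + dataEncipherment without keyEncipherment.
        boolean[] tlsServer = {true, false, true, false, false, false, false, false, false};
        boolean[] dataOnly  = {true, false, false, true, false, false, false, false, false};
        System.out.println(encryptPreMaster(tlsServer, kp.getPublic(), pms).length);
        try {
            encryptPreMaster(dataOnly, kp.getPublic(), pms);
        } catch (CertificateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The first constructed value is the one a dataEncipherment test would have refused; the second is the one it would have let through.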
