[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[commit-cp] classpath ChangeLog gnu/javax/net/ssl/provider/...
From: |
Andrew John Hughes |
Subject: |
[commit-cp] classpath ChangeLog gnu/javax/net/ssl/provider/... |
Date: |
Wed, 21 Dec 2011 15:35:09 +0000 |
CVSROOT: /sources/classpath
Module name: classpath
Changes by: Andrew John Hughes <gnu_andrew> 11/12/21 15:35:09
Modified files:
. : ChangeLog
gnu/javax/net/ssl/provider: CipherSuite.java
OutputSecurityParameters.java
SSLEngineImpl.java
Log message:
Fix block-wise chosen-plaintext against SSL/TLS (BEAST) (CVE-2011-3389)
2011-12-01 Andrew John Hughes <address@hidden>
* gnu/javax/net/ssl/provider/CipherSuite.java:
Pass CBC mode to the static CipherSuite instances.
(isCBCMode): New variable.
(CipherSuite(CipherAlgorithm, KeyExchangeAlgorithm,
SignatureAlgorithm, MacAlgorithm, int, int, int, String,
boolean)):
Allow isCBCMode to be specified.
(CipherSuite(CipherAlgorithm, KeyExchangeAlgorithm, boolean,
SignatureAlgorithm, MacAlgorithm, int, int, int, String,
boolean)):
Likewise.
(cipher()): Generalise setting of 'alg' to work with any suite
that does not use CBC, not just "RC4".
(isCBCMode()): New method. Returns true if the CBC mode is
used.
* gnu/javax/net/ssl/provider/OutputSecurityParameters.java:
(enableCBCProtection): Set to true by default of if
jsse.enableCBCProtection
is true.
(needToSplitPayload()): Returns true if TLS < 1.1 is in use with
a CBC mode cipher and CBC protection is enabled.
* gnu/javax/net/ssl/provider/SSLEngineImpl.java:
(wrap(ByteBuffer[], int, int, ByteBuffer)): Send application
data
as two packets (1 and n - 1) if CBC protection is enabled.
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/classpath/ChangeLog?cvsroot=classpath&r1=1.9833&r2=1.9834
http://cvs.savannah.gnu.org/viewcvs/classpath/gnu/javax/net/ssl/provider/CipherSuite.java?cvsroot=classpath&r1=1.3&r2=1.4
http://cvs.savannah.gnu.org/viewcvs/classpath/gnu/javax/net/ssl/provider/OutputSecurityParameters.java?cvsroot=classpath&r1=1.4&r2=1.5
http://cvs.savannah.gnu.org/viewcvs/classpath/gnu/javax/net/ssl/provider/SSLEngineImpl.java?cvsroot=classpath&r1=1.4&r2=1.5
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [commit-cp] classpath ChangeLog gnu/javax/net/ssl/provider/...,
Andrew John Hughes <=