Commit 7f1b2d5d authored by Alex Klyubin's avatar Alex Klyubin Committed by Android Git Automerger

am 6da3c4a6: am ef6e14e8: SSLEngine: Verify server RSA params signature

* commit '6da3c4a6':
  SSLEngine: Verify server RSA params signature
parents 74e97557 6da3c4a6
......@@ -416,6 +416,16 @@ public class ClientHandshakeImpl extends HandshakeProtocol {
try {
c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
if (serverKeyExchange != null) {
if (!session.cipherSuite.isAnonymous()) {
DigitalSignature ds = new DigitalSignature(serverCert.getAuthType());
ds.init(serverCert.certs[0]);
ds.update(clientHello.getRandom());
ds.update(serverHello.getRandom());
if (!serverKeyExchange.verifySignature(ds)) {
fatalAlert(AlertProtocol.DECRYPT_ERROR, "Cannot verify RSA params");
return;
}
}
c.init(Cipher.WRAP_MODE, serverKeyExchange
.getRSAPublicKey());
} else {
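Review bot: The new `serverKeyExchange.verifySignature(ds)` check proves the temporary RSA key was signed by the certificate key, but the surrounding `if (serverKeyExchange != null)` still accepts that key for whichever suite reaches this branch. If nothing earlier rejects a ServerKeyExchange on a non-export RSA suite, the premaster secret can still end up wrapped under a short temporary key that the server signed legitimately, so I would gate the branch on the negotiated key exchange being the export RSA variant and send a fatal alert otherwise. `serverCert` is also dereferenced without a null check, so a non-anonymous suite with no Certificate message would, as far as the hunk shows, fail with a NullPointerException rather than an alert. A short comment above the new block would help the next reader: `// The temporary RSA key must be signed by the certificate key before it wraps the premaster secret.` The enclosing method begins and ends outside the hunk, so either check may already exist elsewhere.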
......