archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8242141: New System Properties to configure the TLS signature schemes

Browse source 
Reviewed-by: ascarpino, jnimeh, mullan
This commit is contained in:
Xue-Lei Andrew Fan 2020-04-22 10:51:16 -07:00
parent 5efa545d48
commit 72446bb0dc
12 changed files with 233 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/java.base/share/classes/sun/security/ssl/CertSignAlgsExtension.java
View file

@ -100,6 +100,7 @@ final class CertSignAlgsExtension {
if (chc.localSupportedSignAlgs == null) {
chc.localSupportedSignAlgs =
SignatureScheme.getSupportedAlgorithms(
chc.sslConfig,
chc.algorithmConstraints, chc.activeProtocols);
}
@ -188,6 +189,7 @@ final class CertSignAlgsExtension {
// update the context
List<SignatureScheme> schemes =
SignatureScheme.getSupportedAlgorithms(
shc.sslConfig,
shc.algorithmConstraints, shc.negotiatedProtocol,
spec.signatureSchemes);
shc.peerRequestedCertSignSchemes = schemes;
@ -240,6 +242,7 @@ final class CertSignAlgsExtension {
// Produce the extension.
List<SignatureScheme> sigAlgs =
SignatureScheme.getSupportedAlgorithms(
shc.sslConfig,
shc.algorithmConstraints,
List.of(shc.negotiatedProtocol));
@ -326,6 +329,7 @@ final class CertSignAlgsExtension {
// update the context
List<SignatureScheme> schemes =
SignatureScheme.getSupportedAlgorithms(
chc.sslConfig,
chc.algorithmConstraints, chc.negotiatedProtocol,
spec.signatureSchemes);
chc.peerRequestedCertSignSchemes = schemes;