RFR: 8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled [v3]
Artur Barashev
abarashev at openjdk.org
Tue Apr 15 16:04:54 UTC 2025
On Tue, 15 Apr 2025 14:32:47 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Update Copyright
>
> test/jdk/sun/security/ssl/SignatureScheme/MD5NotAllowedInTLS13CertificateSignature.java line 270:
>
>> 268: // MD5 is disabled by default in java.security config file.
>> 269: Security.setProperty("jdk.certpath.disabledAlgorithms", "");
>> 270: Security.setProperty("jdk.tls.disabledAlgorithms", "");
>
> Use `SecurityUtils.removeFromDisabledAlgs` and only remove MD5 from these properties.
Done.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24425#discussion_r2044980058
More information about the net-dev
mailing list