RFR [13] JDK-8226374 Restric signature algorithms and named groups

Xuelei Fan xuelei.fan at oracle.com
Mon Jul 8 03:00:12 UTC 2019

ping ...

On 6/28/2019 1:41 PM, Xuelei Fan wrote:
> Hi,
> Could I get the following update reviewed?
>      http://cr.openjdk.java.net/~xuelei/8226374/webrev.00/
> During handshaking, the selection of signature algorithms was not 
> checked with the algorithm constraints.  Then the available signature 
> algorithms may be ignored if a restricted algorithm get selected.  The 
> connection should be able to be established as there are available 
> algorithms.
> Within this update, more algorithm constraints checking are introduced 
> in the signature algorithms and named groups code.
> The significant changes are in NamedGroup.java and SignatureScheme.java, 
> in order to introduce the checking and algorithm parameters and specs.
> Thanks,
> Xuelei

More information about the security-dev mailing list