RFR: JDK-8166596: TLS support for the EdDSA signature algorithm

Xue-Lei Andrew Fan xuelei at openjdk.java.net
Tue Nov 17 20:49:04 UTC 2020


On Tue, 17 Nov 2020 19:47:37 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:

>> test/jdk/javax/net/ssl/TLSCommon/TLSWithEdDSA.java line 583:
>> 
>>> 581:         serverParameters.put(ParamType.CERTALIAS, "EE_ED25519");
>>> 582:         runtest(testFormat, isPeerEd25519, null, null, null);
>>> 583:         serverParameters.remove(ParamType.CERTALIAS);
>> 
>> I did not get the idea here.  Is there a special case in practice that use a similar key manger like the AliasKeyManager?
>
> Right now, for TLS 1.0/1.1 EC certificates will be favored over EdDSA certificates in keystores that have valid certificates with both kinds of keys.  There's nothing we can do about that because 1.0/1.1 has no signaling mechanism to indicate signature preference like 1.2+ has.  Given that, I was thinking of ways to get around that restriction and one case I thought of was the Tomcat connector, which has options to specify a certificate for use by alias.  I wanted to make sure that we could still do that for 1.0/1.1 and it wouldn't break so I cooked up this simple KeyManager and ran a basic connection, expecting to see the cert specified by the alias.

Got it.  Thanks!

-------------

PR: https://git.openjdk.java.net/jdk/pull/1197



More information about the security-dev mailing list