Integrated: JDK-8263188: JSSE should fail fast if there isn't supported signature algorithm
John Jiang
jjiang at openjdk.java.net
Mon Mar 29 05:56:32 UTC 2021
On Mon, 8 Mar 2021 15:27:45 GMT, John Jiang <jjiang at openjdk.org> wrote:
> If signature_algorithms extension is present, but the algorithms are unreconginzed or unsupported, JSSE peers should send fatal alert immediately.
> For example, in this case, it's unnecssary to try to produce ServerHello, Certificate and ServerKeyExchange messages.
This pull request has now been integrated.
Changeset: 99b4bab3
Author: John Jiang <jjiang at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/99b4bab3
Stats: 494 lines in 6 files changed: 481 ins; 0 del; 13 mod
8263188: JSSE should fail fast if there isn't supported signature algorithm
Reviewed-by: xuelei
-------------
PR: https://git.openjdk.java.net/jdk/pull/2876
More information about the security-dev
mailing list