RFR: 8280494: (D)TLS signature schemes [v2]

Sean Mullan mullan at openjdk.java.net
Fri Jan 28 15:34:15 UTC 2022 

On Fri, 28 Jan 2022 07:21:56 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> This update is to support signature schemes customization for individual (D)TLS connection.  Please review the CSR as well:
>> CSR: https://bugs.openjdk.java.net/browse/JDK-8280495
>> RFE: https://bugs.openjdk.java.net/browse/JDK-8280494
>
> Xue-Lei Andrew Fan has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Copyright correction

src/java.base/share/classes/javax/net/ssl/SSLParameters.java line 94:

> 92: 
> 93:     /**
> 94:      * Constructs SSLParameters.

Would it be useful to add another ctor that takes a signature schemes array parameter?

src/java.base/share/classes/javax/net/ssl/SSLParameters.java line 709:

> 707:      * "{@docRoot}/../specs/security/standard-names.html#signature-schemes">
> 708:      * Signature Schemes</a> section of the Java Cryptography
> 709:      * Architecture Standard Algorithm Name Documentation, and may also

The correct name is "Java Security Standard Algorithm Names Specification". Same comment below for `setSignatureSchemes`.

src/java.base/share/classes/javax/net/ssl/SSLParameters.java line 710:

> 708:      * Signature Schemes</a> section of the Java Cryptography
> 709:      * Architecture Standard Algorithm Name Documentation, and may also
> 710:      * include other signature schemes that the provider supports.

There doesn't seem to be anything preventing a user from setting a bogus signature scheme (ex: named "foo") - which is neither a standard name or a provider specific name.
I think the method may be too tightly specified, and you should make this more general and not put any constraints on the names of the signature schemes. (Although we should still link to the specification for a list of standard names). 

It would be useful to explain when this method returns pre-populated scheme names as supported by the underlying provider and when it may return an empty list.

src/java.base/share/classes/javax/net/ssl/SSLParameters.java line 746:

> 744:      * @param signatureSchemes an ordered array of signature scheme names,
> 745:      *        with the first entry being the most preferred. If the array
> 746:      *        is empty (zero-length), the prodiver-specific default signature

typo: prodiver -> provider

-------------

PR: https://git.openjdk.java.net/jdk/pull/7252

More information about the security-dev mailing list