RFR: 8355779: When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension

Artur Barashev abarashev at openjdk.org
Mon Apr 28 21:37:21 UTC 2025


Per TLSv1.3 RFC:


   If no "signature_algorithms_cert" extension is
   present, then the "signature_algorithms" extension also applies to
   signatures appearing in certificates.


When no "signature_algorithms_cert" extension is present in the ClientHello, we simply copy the "signature_algorithms" extension's algorithms, already filtered with HANDSHAKE_SCOPE, into `peerRequestedCertSignSchemes`. Instead, we should filter the "signature_algorithms" extension's algorithms with CERTIFICATE_SCOPE, since certain algorithms are allowed in certificate signatures but not in handshake signatures.
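As an added illustration (not code from the JDK or from this PR), here is a small model of the two derivations: TLS 1.3 (RFC 8446, section 4.2.3) defines the rsa_pkcs1_* and SHA-1 schemes for certificate signatures only, so filtering the ClientHello's "signature_algorithms" list with HANDSHAKE_SCOPE first and reusing that result for certificates silently drops schemes the peer is allowed to accept in certificate chains. The scheme table, scope flags and function names below are constructed for this example and are not the JDK's own types.

```python
from enum import Flag, auto


class Scope(Flag):
    """Constructed stand-in for the JDK's HANDSHAKE_SCOPE / CERTIFICATE_SCOPE."""
    HANDSHAKE = auto()     # signatures in CertificateVerify
    CERTIFICATE = auto()   # signatures appearing in certificates


# Constructed subset of TLS 1.3 SignatureScheme code points (RFC 8446 4.2.3).
# rsa_pkcs1_* and the legacy SHA-1 schemes are defined only for certificates.
SCHEMES = {
    0x0401: ("rsa_pkcs1_sha256", Scope.CERTIFICATE),
    0x0501: ("rsa_pkcs1_sha384", Scope.CERTIFICATE),
    0x0201: ("rsa_pkcs1_sha1", Scope.CERTIFICATE),
    0x0403: ("ecdsa_secp256r1_sha256", Scope.HANDSHAKE | Scope.CERTIFICATE),
    0x0804: ("rsa_pss_rsae_sha256", Scope.HANDSHAKE | Scope.CERTIFICATE),
    0x0807: ("ed25519", Scope.HANDSHAKE | Scope.CERTIFICATE),
}


def filter_scope(code_points, scope):
    """Keep only advertised schemes that are defined for the given scope."""
    return [SCHEMES[cp][0] for cp in code_points
            if cp in SCHEMES and scope in SCHEMES[cp][1]]


def cert_schemes_buggy(sig_algs, sig_algs_cert=None):
    """Old behaviour: with no signature_algorithms_cert, reuse the list that
    was already narrowed to HANDSHAKE scope, losing certificate-only schemes."""
    if sig_algs_cert is not None:
        return filter_scope(sig_algs_cert, Scope.CERTIFICATE)
    return filter_scope(sig_algs, Scope.HANDSHAKE)


def cert_schemes_fixed(sig_algs, sig_algs_cert=None):
    """Fixed behaviour: apply CERTIFICATE scope to whichever extension
    governs certificate signatures, per the RFC text quoted above."""
    source = sig_algs if sig_algs_cert is None else sig_algs_cert
    return filter_scope(source, Scope.CERTIFICATE)


# Constructed ClientHello "signature_algorithms" list; no "signature_algorithms_cert".
CLIENT_SIG_ALGS = [0x0403, 0x0804, 0x0401, 0x0201, 0x0807]

if __name__ == "__main__":
    print("buggy:", cert_schemes_buggy(CLIENT_SIG_ALGS))
    print("fixed:", cert_schemes_fixed(CLIENT_SIG_ALGS))
```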

-------------

Commit messages:
 - 8355779: When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension

Changes: https://git.openjdk.org/jdk/pull/24939/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24939&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8355779
  Stats: 94 lines in 1 file changed: 46 ins; 46 del; 2 mod
  Patch: https://git.openjdk.org/jdk/pull/24939.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/24939/head:pull/24939

PR: https://git.openjdk.org/jdk/pull/24939
