RFR: 8355779: When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension [v2]
duke
duke at openjdk.org
Wed Apr 30 16:56:49 UTC 2025
On Mon, 28 Apr 2025 22:34:24 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Per TLSv1.3 RFC:
>>
>>
>> If no "signature_algorithms_cert" extension is
>> present, then the "signature_algorithms" extension also applies to
>> signatures appearing in certificates.
>>
>>
>> When no "signature_algorithms_cert" extension is present in ClientHello we simply copy "signature_algorithms" extension algorithms already filtered with HANDSHAKE_SCOPE to `peerRequestedCertSignSchemes`. Instead we should filter "signature_algorithms" extension algorithms with CERTIFICATE_SCOPE as certain algorithms are allowed to be used in certificate signatures but not in handshake signatures.
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>
> Take "signature_algorithms_cert" extension as parameter
@artur-oracle
Your change (at version ae1b30609fce534f7b3e272c96a8cda24853b36c) is now ready to be sponsored by a Committer.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/24939#issuecomment-2842637038
More information about the security-dev
mailing list