RFR: 8366364: Address inconsistencies in SSLParameters object returned by SSLConfiguration#getSSLParameters() call
Artur Barashev
abarashev at openjdk.org
Fri Oct 24 19:36:01 UTC 2025
On Fri, 24 Oct 2025 08:33:30 GMT, Francesco Andreuzzi <fandreuzzi at openjdk.org> wrote:
>> We need to address the following inconsistencies in SSLConfiguration#getSSLParameters() call:
>> - For the signatureSchemes we return only what's been set by the user, the default values are not being returned like for other SSLParameters.
>> - namedGroups return value is not being filtered against algorithm constraints, unlike other SSLParameters.
>
> src/java.base/share/classes/sun/security/ssl/SignatureScheme.java line 422:
>
>> 420: || config.signatureSchemes == null ?
>> 421: Arrays.asList(SignatureScheme.values()) :
>> 422: Arrays.stream(config.signatureSchemes)
>
> The formatting makes this assignment a bit hard to follow. Perhaps a simple `if` statement would behave better?
Indeed, replaced with `if-else` statement. Thanks!
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27961#discussion_r2461766887
More information about the security-dev
mailing list