RFR: 8366364: Return enabled signature schemes with SSLConfiguration#getSSLParameters() call [v8]
Sean Mullan
mullan at openjdk.org
Fri Oct 31 17:19:08 UTC 2025
On Thu, 30 Oct 2025 18:10:59 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> For the signatureSchemes we return only what's been set by the user, the default values are not being returned like for other SSLParameters.
>> Also enhancing "java -XshowSettings:security:tls" option to show the enabled signature schemes.
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>
> Signatures schemes using sha224 are not available on Windows
src/java.base/share/classes/sun/security/ssl/SignatureScheme.java line 424:
> 422: for (String name : config.signatureSchemes) {
> 423: var ss = SignatureScheme.nameOf(name);
> 424: if (ss != null) {
The previous code (in `namesOfAvailable()`) also checked if the scheme was available before adding it. Did you remove that check because it was redundant as the next loop checks that?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27961#discussion_r2482164603
More information about the security-dev
mailing list