RFR: 8365820: Apply certificate scope constraints to algorithms in "signature_algorithms" extension when "signature_algorithms_cert" extension is not being sent [v8]
Hai-May Chao
hchao at openjdk.org
Thu Sep 25 01:42:54 UTC 2025
On Wed, 24 Sep 2025 21:20:23 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> [JDK-8349583](https://bugs.openjdk.org/browse/JDK-8349583) implementation assumes that OpenJDK client always sends "signature_algorithms_cert" extension together with "signature_algorithms" extension. But we didn't account for `jdk.tls.client.disableExtensions` and `jdk.tls.server.disableExtensions` system properties which can disable producing "signature_algorithms_cert" extension. This is an issue similar to [JDK-8355779](https://bugs.openjdk.org/browse/JDK-8355779) but on the extension producing side.
>>
>> Per TLSv1.3 RFC:
>>
>>> If no "signature_algorithms_cert" extension is
>>> present, then the "signature_algorithms" extension also applies to
>>> signatures appearing in certificates.
>>
>> Also making a few cosmetic changes to the existing code.
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>
> Update the tests summary discription
Changes look good.
-------------
Marked as reviewed by hchao (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/26887#pullrequestreview-3265229319
More information about the security-dev
mailing list