The change itself looks ok, but a question on the previous code.
420: Why is SHA224 disabled when SunMSCAPI is present? Or
alternatively, why is SHA224 enabled when SunMSCAPI not present?
Shouldn't this be based on whether there is a SHA224 implementation
available? And if so, why are we not verifying that an implementation
exists (getInstance("SHA256") doesn't throw exception) for the other
algorithms also (SHA1/RSA/etc)?
The synopsis should probably be:
Support SHA224withDSA/SHA256withDSA in TLSv1.2 \
signature_algorithms extension
Also, note the case of the "W" in "SHA256WithDSA".
Brad
On 12/14/2015 9:47 PM, Xuelei Fan wrote:
On 12/15/2015 1:40 PM, Xuelei Fan wrote:
Hi,
Please this enhancement to the JSSE implementation:
Please review this enhancement to the JSSE implementation:
http://cr.openjdk.java.net/~xuelei/8049321/webrev.00/
This change will add support for the SHA224withDSA and SHA256withDSA
algorithms in the TLS "signature_algorithms" extension in the SunJSSE
provider. Note that this extension does not apply to TLS 1.1 and
previous versions.
Thanks,
Xuelei
