On Sat, 20 Feb 2021 01:56:37 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:
> This fix adjusts the SunJSSE provider's handling of the jdk.tls.[client | > server].SignatureSchemes property and its effect on messages that assert the > signature_algorithms and signature_algorithms_cert extensions, or > supported_signature_algorithms vectors like those used in TLS 1.2 > CertificateRequest messages. With this change, the ordering of the signature > algorithms in the property value will be preserved in the ordering as integer > identifiers in the messages itself. Prior to this fix the property > algorithms will be asserted, but in the order as shown in the > sun.security.ssl.SignatureAlgorithms enumeration. > > This does not affect the default ordering of these signature schemes when the > property is not given a value. > > JBS: https://bugs.openjdk.java.net/browse/JDK-8255867 src/java.base/share/classes/sun/security/ssl/SignatureScheme.java line 43: > 41: import java.util.Map; > 42: import java.util.Set; > 43: import java.util.stream.Collectors; Remnant from an earlier attempt at a fix, will remove. ------------- PR: https://git.openjdk.java.net/jdk/pull/2658
