On Sat, 20 Feb 2021 01:56:37 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:
> This fix adjusts the SunJSSE provider's handling of the jdk.tls.[client | > server].SignatureSchemes property and its effect on messages that assert the > signature_algorithms and signature_algorithms_cert extensions, or > supported_signature_algorithms vectors like those used in TLS 1.2 > CertificateRequest messages. With this change, the ordering of the signature > algorithms in the property value will be preserved in the ordering as integer > identifiers in the messages itself. Prior to this fix the property > algorithms will be asserted, but in the order as shown in the > sun.security.ssl.SignatureAlgorithms enumeration. > > This does not affect the default ordering of these signature schemes when the > property is not given a value. > > JBS: https://bugs.openjdk.java.net/browse/JDK-8255867 This pull request has now been integrated. Changeset: a30fb4fc Author: Jamil Nimeh <jni...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/a30fb4fc Stats: 356 lines in 3 files changed: 342 ins; 0 del; 14 mod 8255867: SignatureScheme JSSE property does not preserve ordering in handshake messages Reviewed-by: xuelei ------------- PR: https://git.openjdk.java.net/jdk/pull/2658
