On Tue, 26 Aug 2025 05:21:57 GMT, Nibedita Jena <[email protected]> wrote:
>> Artur Barashev has updated the pull request incrementally with two >> additional commits since the last revision: >> >> - Update tests >> - Revert "Include RSASSA-PKCS1-v1_5 and Legacy algorithms in >> signature_algorithms for TLSv1.3" >> >> This reverts commit adc236be4bcac11614e2741c99545aa593f6af5b. > > test/jdk/sun/security/ssl/SignatureScheme/DisableSignatureSchemePerScopeTLS12.java > line 138: > >> 136: // signature_algorithms_cert extension MUST NOT contain disabled >> 137: // certificate signature scheme. >> 138: assertFalse(sigAlgsCertSS.contains(CERTIFICATE_DISABLED_SIG), > > If `jdk.tls.client.disableExtensions=signature_algorithms_cert` is used, then > the given extension wont be present, it will fail here Correct, [DisableSignatureSchemePerScopeNoClientCertSignAlgsExtTLS12.java](https://github.com/openjdk/jdk/pull/26887/files#diff-4e93ab75d50e906c41e810114260fa3ca601f2fe554990578feaf9406e94687a) tests this scenario. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/26887#discussion_r2301266657
