JDK-8355779 : When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 25
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2025-04-28
  • Updated: 2025-05-05
  • Resolved: 2025-05-01
The Version table provides details related to the release in which this issue/RFE will be addressed.

  • JDK 21: 21.0.9-oracle, Unresolved
  • JDK 25: 25, master, Fixed
Description
Per TLSv1.3 RFC:
   -------
   If no "signature_algorithms_cert" extension is
   present, then the "signature_algorithms" extension also applies to
   signatures appearing in certificates.
   -------

When no "signature_algorithms_cert" extension is present in ClientHello, we simply copy the "signature_algorithms" extension algorithms, already filtered with HANDSHAKE_SCOPE, to `peerRequestedCertSignSchemes`. Instead, we should filter the "signature_algorithms" extension algorithms with CERTIFICATE_SCOPE, as certain algorithms are allowed to be used in certificate signatures but not in handshake signatures.
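
The difference between the two filtering behaviours described above, as an added example that is not JDK code: a simplified Java model in which the class name, the method names and the per-scope disabled sets are assumptions made for illustration.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;

// Added illustration: a simplified model, not the JDK's sun.security.ssl code.
public class SigSchemeScopeDemo {
    enum Scope { HANDSHAKE, CERTIFICATE }

    // Constructed policy (assumption): SHA-1 schemes are disallowed for
    // handshake signatures but still allowed in certificate signatures.
    static final Map<Scope, Set<String>> DISABLED = Map.of(
            Scope.HANDSHAKE, Set.of("rsa_pkcs1_sha1", "ecdsa_sha1"),
            Scope.CERTIFICATE, Set.<String>of());

    // Keep only the offered schemes that the policy permits in the given scope.
    static List<String> filter(List<String> offered, Scope scope) {
        return offered.stream()
                .filter(s -> !DISABLED.get(scope).contains(s))
                .collect(Collectors.toList());
    }

    // Behaviour described in the report: with no "signature_algorithms_cert",
    // the handshake-filtered list is reused for certificates.
    // (Handling of a present extension is an assumption of this model.)
    static List<String> certSchemesBeforeFix(List<String> sigAlgs, List<String> sigAlgsCert) {
        if (sigAlgsCert != null) {
            return filter(sigAlgsCert, Scope.CERTIFICATE);
        }
        return filter(sigAlgs, Scope.HANDSHAKE);
    }

    // Behaviour the report asks for: fall back to "signature_algorithms",
    // but apply the certificate scope to it.
    static List<String> certSchemesAfterFix(List<String> sigAlgs, List<String> sigAlgsCert) {
        List<String> source = (sigAlgsCert != null) ? sigAlgsCert : sigAlgs;
        return filter(source, Scope.CERTIFICATE);
    }

    public static void main(String[] args) {
        // Constructed ClientHello contents: no "signature_algorithms_cert" (null).
        List<String> sigAlgs = List.of(
                "ecdsa_secp256r1_sha256", "rsa_pss_rsae_sha256", "rsa_pkcs1_sha1");
        System.out.println("handshake schemes: " + filter(sigAlgs, Scope.HANDSHAKE));
        System.out.println("cert, before fix:  " + certSchemesBeforeFix(sigAlgs, null));
        System.out.println("cert, after fix:   " + certSchemesAfterFix(sigAlgs, null));
    }
}
```

Under this constructed policy, `rsa_pkcs1_sha1` is dropped from the certificate scheme list before the fix and retained after it, while the handshake list excludes it in both cases.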
Comments
  • Changeset: 34807df7
  • Branch: master
  • Author: Artur Barashev <abarashev@openjdk.org>
  • Committer: Sean Mullan <mullan@openjdk.org>
  • Date: 2025-05-01 13:09:14 +0000
  • URL: https://git.openjdk.org/jdk/commit/34807df7627b067f750578987c941213a5f8336a
01-05-2025

A pull request was submitted for review.
  • Branch: master
  • URL: https://git.openjdk.org/jdk/pull/24939
  • Date: 2025-04-28 21:31:49 +0000
28-04-2025