Hello all,
This fixes an issue with the TLS 1.3 CertificateRequest message. In
cases where the server side can initially support multiple protocol
versions by the time it issues a CertificateRequest message it collects
the list of supported signature schemes for the signature_algorithms and
signature_algorithms_cert extensions using all supported protocols as a
filtering mechanism.
This change alters the filtering process to use only the negotiated
protocol, so only those sig algs allowed for that one protocol version
will be asserted.
Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8211866/webrev.01/
JBS: https://bugs.openjdk.java.net/browse/JDK-8211866
