Per TLSv1.3 RFC:
If no "signature_algorithms_cert" extension is present, then the "signature_algorithms" extension also applies to signatures appearing in certificates. When no "signature_algorithms_cert" extension is present in ClientHello we simply copy "signature_algorithms" extension algorithms already filtered with HANDSHAKE_SCOPE to `peerRequestedCertSignSchemes`. Instead we should filter "signature_algorithms" extension algorithms with CERTIFICATE_SCOPE as certain algorithms are allowed to be used in certificate signatures but not in handshake signatures. ------------- Commit messages: - 8355779: When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension Changes: https://git.openjdk.org/jdk/pull/24939/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24939&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8355779 Stats: 94 lines in 1 file changed: 46 ins; 46 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/24939.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/24939/head:pull/24939 PR: https://git.openjdk.org/jdk/pull/24939