Per TLSv1.3 RFC:

   If no "signature_algorithms_cert" extension is
   present, then the "signature_algorithms" extension also applies to
   signatures appearing in certificates.


When no "signature_algorithms_cert" extension is present in ClientHello we 
simply copy "signature_algorithms" extension algorithms already filtered with 
HANDSHAKE_SCOPE to `peerRequestedCertSignSchemes`. Instead we should filter 
"signature_algorithms" extension algorithms with CERTIFICATE_SCOPE as certain 
algorithms are allowed to be used in certificate signatures but not in 
handshake signatures.

-------------

Commit messages:
 - 8355779: When no "signature_algorithms_cert" extension is present we do not 
apply certificate scope constraints to algorithms in "signature_algorithms" 
extension

Changes: https://git.openjdk.org/jdk/pull/24939/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24939&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8355779
  Stats: 94 lines in 1 file changed: 46 ins; 46 del; 2 mod
  Patch: https://git.openjdk.org/jdk/pull/24939.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/24939/head:pull/24939

PR: https://git.openjdk.org/jdk/pull/24939

Reply via email to