718 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
719 SSLLogger.warning("No signature and hash algorithms " +
720 "in CertificateRequest");
721 }
722 return null;
723 }
724
725 Collection<String> checkedKeyTypes = new HashSet<>();
726 for (SignatureScheme ss : hc.peerRequestedCertSignSchemes) {
727 if (checkedKeyTypes.contains(ss.keyAlgorithm)) {
728 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
729 SSLLogger.warning(
730 "Unsupported authentication scheme: " + ss.name);
731 }
732 continue;
733 }
734
735 // Don't select a signature scheme unless we will be able to
736 // produce a CertificateVerify message later
737 if (SignatureScheme.getPreferableAlgorithm(
738 hc.peerRequestedSignatureSchemes,
739 ss, hc.negotiatedProtocol) == null) {
740
741 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
742 SSLLogger.warning(
743 "Unable to produce CertificateVerify for " +
744 "signature scheme: " + ss.name);
745 }
746 checkedKeyTypes.add(ss.keyAlgorithm);
747 continue;
748 }
749
750 SSLAuthentication ka = X509Authentication.valueOf(ss);
751 if (ka == null) {
752 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
753 SSLLogger.warning(
754 "Unsupported authentication scheme: " + ss.name);
755 }
756 checkedKeyTypes.add(ss.keyAlgorithm);
757 continue;
|
718 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
719 SSLLogger.warning("No signature and hash algorithms " +
720 "in CertificateRequest");
721 }
722 return null;
723 }
724
725 Collection<String> checkedKeyTypes = new HashSet<>();
726 for (SignatureScheme ss : hc.peerRequestedCertSignSchemes) {
727 if (checkedKeyTypes.contains(ss.keyAlgorithm)) {
728 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
729 SSLLogger.warning(
730 "Unsupported authentication scheme: " + ss.name);
731 }
732 continue;
733 }
734
735 // Don't select a signature scheme unless we will be able to
736 // produce a CertificateVerify message later
737 if (SignatureScheme.getPreferableAlgorithm(
738 hc.algorithmConstraints,
739 hc.peerRequestedSignatureSchemes,
740 ss, hc.negotiatedProtocol) == null) {
741
742 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
743 SSLLogger.warning(
744 "Unable to produce CertificateVerify for " +
745 "signature scheme: " + ss.name);
746 }
747 checkedKeyTypes.add(ss.keyAlgorithm);
748 continue;
749 }
750
751 SSLAuthentication ka = X509Authentication.valueOf(ss);
752 if (ka == null) {
753 if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
754 SSLLogger.warning(
755 "Unsupported authentication scheme: " + ss.name);
756 }
757 checkedKeyTypes.add(ss.keyAlgorithm);
758 continue;
|