< prev index next >
src/java.base/share/classes/sun/security/ssl/DHServerKeyExchange.java
Print this page
rev 54061 : 8226374: Restrict TLS signature schemes and named groups
Reviewed-by: mullan
*** 125,134 ****
--- 125,135 ----
shc.negotiatedProtocol.useTLS12PlusSpec();
Signature signer = null;
if (useExplicitSigAlgorithm) {
Map.Entry<SignatureScheme, Signature> schemeAndSigner =
SignatureScheme.getSignerOfPreferableAlgorithm(
+ shc.algorithmConstraints,
shc.peerRequestedSignatureSchemes,
x509Possession,
shc.negotiatedProtocol);
if (schemeAndSigner == null) {
// Unlikely, the credentials generator should have
< prev index next >