274 // Ignore, no "signature_algorithms" extension requested. |
274 // Ignore, no "signature_algorithms" extension requested. |
275 return; |
275 return; |
276 } |
276 } |
277 |
277 |
278 // update the context |
278 // update the context |
279 List<SignatureScheme> shemes = |
279 List<SignatureScheme> sss = |
280 SignatureScheme.getSupportedAlgorithms( |
280 SignatureScheme.getSupportedAlgorithms( |
281 shc.algorithmConstraints, shc.negotiatedProtocol, |
281 shc.algorithmConstraints, shc.negotiatedProtocol, |
282 spec.signatureSchemes); |
282 spec.signatureSchemes); |
283 shc.peerRequestedSignatureSchemes = shemes; |
283 shc.peerRequestedSignatureSchemes = sss; |
284 |
284 |
285 // If no "signature_algorithms_cert" extension is present, then |
285 // If no "signature_algorithms_cert" extension is present, then |
286 // the "signature_algorithms" extension also applies to |
286 // the "signature_algorithms" extension also applies to |
287 // signatures appearing in certificates. |
287 // signatures appearing in certificates. |
288 SignatureSchemesSpec certSpec = |
288 SignatureSchemesSpec certSpec = |
289 (SignatureSchemesSpec)shc.handshakeExtensions.get( |
289 (SignatureSchemesSpec)shc.handshakeExtensions.get( |
290 SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT); |
290 SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT); |
291 if (certSpec == null) { |
291 if (certSpec == null) { |
292 shc.peerRequestedCertSignSchemes = shemes; |
292 shc.peerRequestedCertSignSchemes = sss; |
293 } |
293 shc.handshakeSession.setPeerSupportedSignatureAlgorithms(sss); |
294 |
294 } |
295 shc.handshakeSession.setPeerSupportedSignatureAlgorithms(shemes); |
295 |
296 |
296 if (!shc.isResumption && |
297 if (!shc.isResumption && shc.negotiatedProtocol.useTLS13PlusSpec()) { |
297 shc.negotiatedProtocol.useTLS13PlusSpec()) { |
298 if (shc.sslConfig.clientAuthType != |
298 if (shc.sslConfig.clientAuthType != |
299 ClientAuthType.CLIENT_AUTH_NONE) { |
299 ClientAuthType.CLIENT_AUTH_NONE) { |
300 shc.handshakeProducers.putIfAbsent( |
300 shc.handshakeProducers.putIfAbsent( |
301 SSLHandshake.CERTIFICATE_REQUEST.id, |
301 SSLHandshake.CERTIFICATE_REQUEST.id, |
302 SSLHandshake.CERTIFICATE_REQUEST); |
302 SSLHandshake.CERTIFICATE_REQUEST); |
512 // Ignore, no "signature_algorithms" extension requested. |
512 // Ignore, no "signature_algorithms" extension requested. |
513 return; |
513 return; |
514 } |
514 } |
515 |
515 |
516 // update the context |
516 // update the context |
517 List<SignatureScheme> shemes = |
517 List<SignatureScheme> sss = |
518 SignatureScheme.getSupportedAlgorithms( |
518 SignatureScheme.getSupportedAlgorithms( |
519 chc.algorithmConstraints, chc.negotiatedProtocol, |
519 chc.algorithmConstraints, chc.negotiatedProtocol, |
520 spec.signatureSchemes); |
520 spec.signatureSchemes); |
521 chc.peerRequestedSignatureSchemes = shemes; |
521 chc.peerRequestedSignatureSchemes = sss; |
522 |
522 |
523 // If no "signature_algorithms_cert" extension is present, then |
523 // If no "signature_algorithms_cert" extension is present, then |
524 // the "signature_algorithms" extension also applies to |
524 // the "signature_algorithms" extension also applies to |
525 // signatures appearing in certificates. |
525 // signatures appearing in certificates. |
526 SignatureSchemesSpec certSpec = |
526 SignatureSchemesSpec certSpec = |
527 (SignatureSchemesSpec)chc.handshakeExtensions.get( |
527 (SignatureSchemesSpec)chc.handshakeExtensions.get( |
528 SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT); |
528 SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT); |
529 if (certSpec == null) { |
529 if (certSpec == null) { |
530 chc.peerRequestedCertSignSchemes = shemes; |
530 chc.peerRequestedCertSignSchemes = sss; |
531 } |
531 chc.handshakeSession.setPeerSupportedSignatureAlgorithms(sss); |
532 |
532 } |
533 chc.handshakeSession.setPeerSupportedSignatureAlgorithms(shemes); |
|
534 } |
533 } |
535 } |
534 } |
536 |
535 |
537 /** |
536 /** |
538 * The absence processing if a "signature_algorithms" extension is |
537 * The absence processing if a "signature_algorithms" extension is |