Details
-
Bug
-
Status: Open
-
P3
-
Resolution: Unresolved
-
15
Description
Explicitly provided key agreement group name fails for TLSv1.2 and below which is different from signature key.
Example failing test case (it works fine for TLSv1.3):
Protocol: "TLSv1.2"
KeyType: ecdsa_sha256 with Curve: prime256v1
Cipher: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
System.setProperty("jdk.tls.namedGroups", "X25519"); // The same failure happens for ffdhe too.
Example failing test case (it works fine for TLSv1.3):
Protocol: "TLSv1.2"
KeyType: ecdsa_sha256 with Curve: prime256v1
Cipher: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
System.setProperty("jdk.tls.namedGroups", "X25519"); // The same failure happens for ffdhe too.