-
Bug
-
Resolution: Not an Issue
-
P3
-
15
Explicitly provided key agreement group name fails for TLSv1.2 and below which is different from signature key.
Example failing test case (it works fine for TLSv1.3):
Protocol: "TLSv1.2"
KeyType: ecdsa_sha256 with Curve: prime256v1
Cipher: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
System.setProperty("jdk.tls.namedGroups", "X25519"); // The same failure happens for ffdhe too.
Example failing test case (it works fine for TLSv1.3):
Protocol: "TLSv1.2"
KeyType: ecdsa_sha256 with Curve: prime256v1
Cipher: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
System.setProperty("jdk.tls.namedGroups", "X25519"); // The same failure happens for ffdhe too.