-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
P3
-
Affects Version/s: 8, 27
-
Component/s: security-libs
-
None
The SunJSSE probes SHA1withECDSA Signature availably when determining if elliptic curve cryptography is available. See the EcAvailability class in JsseJce.java. https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/sun/security/ssl/JsseJce.java#L168
SHA1 is now deprecated, and some JCE providers no longer ship SHA1withECDSA.
If no provider that provides a SHA1withECDSA Signature algorithm is registered then the SunJSSE infers that elliptic curve cryptography is not available. All cipher suites that involve elliptic curve cryptography are dropped.
SHA1 is now deprecated, and some JCE providers no longer ship SHA1withECDSA.
If no provider that provides a SHA1withECDSA Signature algorithm is registered then the SunJSSE infers that elliptic curve cryptography is not available. All cipher suites that involve elliptic curve cryptography are dropped.