8263188: JSSE should fail fast if there isn't supported signature algorithm

[jerboaa]

Please review this fairly low-risk backport to fail the TLS handshake early when there are no common signature algorithm. It also adds two new tests, which are changed in the JDK-8284047 test backport and it's useful for bringing in JDK-8340321 and JDK-8349583.

The JDK 11u patch applies cleanly (modulo path changes) after #810 however the SigAlgosExtTestWithTLS12.java test needed adaptations to compile. 1.) replace Map.of with regular HashMap instantiation and subsequent put followed by Collections.unmodifiableMap() in a static initializer 2) ByteBuffer.position() returns Buffer which then causes a comile fail when calling put. This doesn't seem to happen in 11u and up. I've added an explicit cast. See second commit which performs those changes.

Testing:

• Newly added tests fail prior the product patch, pass after.
• jdk/test/javax/net/ssl, jdk/test/sun/net/www/protocol/https/ and jdk/test/sun/security/ssl/ tests with the following result: Test results: passed: 267; failed: 2; error: 1 => same failures as for master. Note the +2 passed tests from 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message #810 (265).

Thoughts?

• I confirm that I make this contribution in accordance with the OpenJDK Interim AI Policy.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue
• JDK-8263188 needs maintainer approval

Integration blocker

 ⚠️ Dependency #810 must be integrated first

Issue

• JDK-8263188: JSSE should fail fast if there isn't supported signature algorithm (Bug - P4)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk8u-dev.git pull/811/head:pull/811
$ git checkout pull/811

Update a local copy of the PR:
$ git checkout pull/811
$ git pull https://git.openjdk.org/jdk8u-dev.git pull/811/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 811

View PR using the GUI difftool:
$ git pr show -t 811

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk8u-dev/pull/811.diff

Using Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back sgehwolf! A progress list of the required criteria for merging this PR into pr/810 will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

❗ This change is not yet ready to be integrated.
See the Progress checklist in the description for automated requirements.

[openjdk]

This backport pull request has now been updated with issue from the original commit.

[mlbridge]

Webrevs

• 01: Full - Incremental (01fd4427)
• 00: Full (01fd4427)

[jerboaa]

GHA failures are:
https://bugs.openjdk.org/browse/JDK-8385584 and https://bugs.openjdk.org/browse/JDK-8385585

[bridgekeeper]

@jerboaa This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply issue a /touch or /keepalive command to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

[jerboaa]

/touch

I'll update the PR once more of the dependent PRs get reviewed/integrated. Upon which I'll need to do some rebase/conflict resolution anyway.

[openjdk]

@jerboaa The pull request is being re-evaluated and the inactivity timeout has been reset.

[openjdk]

@jerboaa this pull request can not be integrated into pr/810 due to one or more merge conflicts. To resolve these merge conflicts and update this pull request you can run the following commands in the local repository for your personal fork:

git checkout jdk-8263188-jsse-fail-fast-8u-new3
git fetch https://git.openjdk.org/jdk8u-dev.git pr/810
git merge FETCH_HEAD
# resolve conflicts and follow the instructions given by git merge
git commit -m "Merge pr/810"
git push