From 35be7e9988bd9f21a083b781ce2ba629f82768cd Mon Sep 17 00:00:00 2001
From: robm <unknown>
Date: Thu, 21 Jan 2016 19:21:34 +0000
Subject: [PATCH] 8064330: Remove SHA224 from the default support list if
 SunMSCAPI enabled Reviewed-by: xuelei

---
 .../sun/security/ssl/SignatureAndHashAlgorithm.java | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java b/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java
index bb50eb868..cb5c0ff33 100644
--- a/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java
+++ b/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java
@@ -28,6 +28,7 @@ package sun.security.ssl;
 import java.security.AlgorithmConstraints;
 import java.security.CryptoPrimitive;
 import java.security.PrivateKey;
+import java.security.Security;
 
 import java.util.Set;
 import java.util.HashSet;
@@ -413,10 +414,14 @@ final class SignatureAndHashAlgorithm {
                     "SHA1withRSA",          --p);
             supports(HashAlgorithm.SHA1,        SignatureAlgorithm.ECDSA,
                     "SHA1withECDSA",        --p);
-            supports(HashAlgorithm.SHA224,      SignatureAlgorithm.RSA,
-                    "SHA224withRSA",        --p);
-            supports(HashAlgorithm.SHA224,      SignatureAlgorithm.ECDSA,
-                    "SHA224withECDSA",      --p);
+
+            if (Security.getProvider("SunMSCAPI") == null) {
+                supports(HashAlgorithm.SHA224,      SignatureAlgorithm.RSA,
+                        "SHA224withRSA",        --p);
+                supports(HashAlgorithm.SHA224,      SignatureAlgorithm.ECDSA,
+                        "SHA224withECDSA",      --p);
+            }
+
             supports(HashAlgorithm.SHA256,      SignatureAlgorithm.RSA,
                     "SHA256withRSA",        --p);
             supports(HashAlgorithm.SHA256,      SignatureAlgorithm.ECDSA,
-- 
GitLab