[11u] RFR: 8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
Valerie Peng
valerie.peng at oracle.com
Thu Jul 11 23:33:35 UTC 2019
I will take a look.
Thanks,
Valerie
On 7/11/2019 2:11 PM, Langer, Christoph wrote:
> Ping...
>
> Can somebody please have a look at this backport? Regression testing shows no problems...
>
> Thanks
> Christoph
>
> From: Langer, Christoph
> Sent: Donnerstag, 4. Juli 2019 15:11
> To: jdk-updates-dev at openjdk.java.net
> Cc: security-dev <security-dev at openjdk.java.net>
> Subject: [11u] RFR: 8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
>
> Hi,
>
> please help reviewing the backport of JDK-8216039 to jdk11u-dev.
>
> Since predecessor patch JDK-8211122 could not be applied to JDK 11 updates, some manual work is necessary.
>
> In src/java.base/share/classes/java/security/Signature.java and src/java.base/share/classes/sun/security/util/SignatureUtil.java the imports of jdk.internal.access have to be changed into jdk.internal.misc. The update that originally went to src/java.base/share/classes/jdk/internal/access/SharedSecrets.java obviously needs to be applied to src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java. The new file src/java.base/share/classes/jdk/internal/access/JavaSecuritySignatureAccess.java needs to be src/java.base/share/classes/jdk/internal/misc/JavaSecuritySignatureAccess.java in 11u.
>
> See the full webrev here: http://cr.openjdk.java.net/~clanger/webrevs/8216039.11u.full.0/
> The webrev for manual changes only: http://cr.openjdk.java.net/~clanger/webrevs/8216039.11u.manual.0/
> Original Bug: https://bugs.openjdk.java.net/browse/JDK-8216039
>
> Thanks
> Christoph
>
More information about the jdk-updates-dev
mailing list