[CAUTION] RFR [jdk11]: 8223940: Private key not supported by chosen signature algorithm
Lindenmaier, Goetz
goetz.lindenmaier at sap.com
Tue Jun 9 09:00:54 UTC 2020
Hi Matthias,
I had a look at your change.
You also edited handling of signAlgParameter,
(it is signAlgParams in the original change).
That looks good. I had to resolve similar code previously.
Reviewed.
Best regards,
Goetz
> -----Original Message-----
> From: jdk-updates-dev <jdk-updates-dev-bounces at openjdk.java.net> On
> Behalf Of Baesken, Matthias
> Sent: Monday, June 8, 2020 5:14 PM
> To: jdk-updates-dev at openjdk.java.net
> Subject: [CAUTION] RFR [jdk11]: 8223940: Private key not supported by
> chosen signature algorithm
>
> Hello, please review the jdk11 backport of 8223940: Private key not
> supported by chosen signature algorithm .
>
> I had to do a few adjustments to the jdk/jdk change for jdk11 :
>
> -The algorithmConstraints - parameter of getSignerOfPreferableAlgorithm
> Is not present in jdk11 so this is missing from the calls in the jdk11 webrev
> (see for example
> src/java.base/share/classes/sun/security/ssl/DHServerKeyExchange.java ).
>
> In src/java.base/share/classes/sun/security/ssl/SignatureScheme.java , the
> SignatureUtil.initVerifyWithParam calls were changed .
>
>
>
> Bug/webrev :
> https://bugs.openjdk.java.net/browse/JDK-8223940
>
> http://cr.openjdk.java.net/~mbaesken/webrevs/8223940_jdk11_0/
>
> Webrev from jdk/jdk :
>
> https://hg.openjdk.java.net/jdk/jdk/rev/d6e682e8fcc3
>
> Thanks, Matthias
More information about the jdk-updates-dev
mailing list