[jdk17u-dev] RFR: 8274471: Add support for RSASSA-PSS in OCSP Response
Alexey Pavlyutkin
duke at openjdk.java.net
Fri Dec 24 17:29:37 UTC 2021
This one is submitted in place of https://github.com/openjdk/jdk17u/pull/248 that was too late to jdk17u
I'd like to backport JDK-8274471 to jdk17u-dev
The patch fixes internal error upon verification of OCSP Response signed with RSASSA-PSS
The original patch applied with minor changes to src/java.base/share/classes/sun/security/provider/certpath/OCSP.java
- resolved baseline conflict: the original patch was done on top of JDK-8272120: Avoid looking for standard encodings in "java." modules and cannot be applied cleanly although it deletes the changes done against JDK-8272120 (see lines 249-241)
- imported few required packages
Verified (20.04 LTS/amd64) with attached [Test8274471.java.zip](https://github.com/openjdk/jdk17u/files/7514663/Test8274471.java.zip). Regression: jdk_security
-------------
Commit messages:
- Backport f63c4a832a1aea451f47aaf86d5361e970c6a28f
Changes: https://git.openjdk.java.net/jdk17u-dev/pull/36/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk17u-dev&pr=36&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8274471
Stats: 112 lines in 9 files changed: 28 ins; 45 del; 39 mod
Patch: https://git.openjdk.java.net/jdk17u-dev/pull/36.diff
Fetch: git fetch https://git.openjdk.java.net/jdk17u-dev pull/36/head:pull/36
PR: https://git.openjdk.java.net/jdk17u-dev/pull/36
More information about the jdk-updates-dev
mailing list