[jdk11u-dev] RFR: 8274471: Add support for RSASSA-PSS in OCSP Response [v2]
Alexey Pavlyutkin
duke at openjdk.org
Tue May 30 14:43:17 UTC 2023
> Hi!
>
> Here is backport of [JDK-8274471](https://bugs.openjdk.org/browse/JDK-8274471) adding support of RSASSA-PSS signature to OCSP Response. Original patch applied with the following changes
>
> **`src/java.base/share/classes/sun/security/provider/certpath/OCSP.java`**
> - import of `java.security.cert.TrustAnchor` and `sun.security.validator.Validator` packages didn't removed cuz they are still in use;
> - added import of `java.nio.charset.StandardCharsets.UTF_8` promoting `UTF_8` constant;
> - the changes to revocation checking were skipped
>
> **`src/java.base/share/classes/sun/security/util/SignatureUtil.java`**
> - added import of `java.security.interfaces.RSAKey` and `sun.security.x509.AlgorithmId` packages;
> - support of `SHAKE256/512` dropped;
> - `EdEC` hooks dropped;
> - syntax of `switch` statements adjusted;
>
> **`src/java.base/share/classes/sun/security/x509/AlgorithmId.java`**
> - `public byte[] getEncodedParams()` does not throw anymore
>
> **`test/jdk/java/security/testlibrary/CertificateBuilder.java`**
> **`test/jdk/java/security/testlibrary/SimpleOCSPServer.java`**
> - added import of `sun.security.util.SignatureUtil` package
>
> Verification/regression (amd64/LTS 20.04): `jdk_security` including updated tests
Alexey Pavlyutkin has updated the pull request incrementally with one additional commit since the last revision:
removing unnecessary EdDSA code
-------------
Changes:
- all: https://git.openjdk.org/jdk11u-dev/pull/1891/files
- new: https://git.openjdk.org/jdk11u-dev/pull/1891/files/b56e8df3..443b9b3a
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=1891&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=1891&range=00-01
Stats: 258 lines in 2 files changed: 0 ins; 249 del; 9 mod
Patch: https://git.openjdk.org/jdk11u-dev/pull/1891.diff
Fetch: git fetch https://git.openjdk.org/jdk11u-dev.git pull/1891/head:pull/1891
PR: https://git.openjdk.org/jdk11u-dev/pull/1891
More information about the jdk-updates-dev
mailing list