hg: jdk8u/jdk8u-dev/jdk: 8230978: Add support for RSASSA-PSS Signature algorithm (Java SE 8); ...

bradford.wetmore at oracle.com bradford.wetmore at oracle.com
Fri Feb 14 00:14:52 UTC 2020


Changeset: ece6722932ca
Author:    wetmore
Date:      2020-02-13 15:47 -0800
URL:       https://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/rev/ece6722932ca

8230978: Add support for RSASSA-PSS Signature algorithm (Java SE 8)
8175029: StackOverflowError in X509CRL and X509Certificate.verify(PublicKey, Provider)
8146293: Add support for RSASSA-PSS Signature algorithm
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
8205720: KeyFactory#getKeySpec and translateKey throws NullPointerException with Invalid key
8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized
8213009: Refactoring existing SunMSCAPI classes
8213010: Supporting keys created with certmgr.exe
8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails
8215694: keytool cannot generate RSASSA-PSS certificates
8221407: Windows 32bit build error in libsunmscapi/security.cpp
8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
8223003: SunMSCAPI keys are not cleaned up
8223063: Support CNG RSA keys
8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support
8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows
8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId
8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION
Summary: Contains elements of JDK-8051408 (see comments on JDK-8230978)
Reviewed-by: valeriep, weijun, coffeys, pkoppula, andrew

! make/lib/SecurityLibraries.gmk
! src/share/classes/com/sun/crypto/provider/OAEPParameters.java
! src/share/classes/com/sun/crypto/provider/RSACipher.java
! src/share/classes/com/sun/crypto/provider/SunJCE.java
! src/share/classes/java/security/Signature.java
! src/share/classes/java/security/SignatureSpi.java
! src/share/classes/java/security/cert/X509CRL.java
! src/share/classes/java/security/cert/X509Certificate.java
! src/share/classes/java/security/interfaces/RSAKey.java
! src/share/classes/java/security/interfaces/RSAMultiPrimePrivateCrtKey.java
! src/share/classes/java/security/interfaces/RSAPrivateCrtKey.java
! src/share/classes/java/security/interfaces/package-info.java
! src/share/classes/java/security/spec/MGF1ParameterSpec.java
! src/share/classes/java/security/spec/PSSParameterSpec.java
! src/share/classes/java/security/spec/RSAKeyGenParameterSpec.java
! src/share/classes/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
! src/share/classes/java/security/spec/RSAOtherPrimeInfo.java
! src/share/classes/java/security/spec/RSAPrivateCrtKeySpec.java
! src/share/classes/java/security/spec/RSAPrivateKeySpec.java
! src/share/classes/java/security/spec/RSAPublicKeySpec.java
! src/share/classes/java/security/spec/package-info.java
! src/share/classes/javax/crypto/Cipher.java
! src/share/classes/javax/crypto/spec/OAEPParameterSpec.java
! src/share/classes/javax/crypto/spec/PSource.java
! src/share/classes/javax/crypto/spec/package.html
+ src/share/classes/sun/misc/JavaSecuritySignatureAccess.java
! src/share/classes/sun/misc/SharedSecrets.java
! src/share/classes/sun/security/ec/CurveDB.java
! src/share/classes/sun/security/ec/ECDSASignature.java
! src/share/classes/sun/security/pkcs/SignerInfo.java
! src/share/classes/sun/security/pkcs10/PKCS10.java
! src/share/classes/sun/security/pkcs11/P11Key.java
! src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java
! src/share/classes/sun/security/pkcs11/P11Signature.java
! src/share/classes/sun/security/provider/DSA.java
! src/share/classes/sun/security/provider/SHA5.java
! src/share/classes/sun/security/provider/SunEntries.java
+ src/share/classes/sun/security/rsa/MGF1.java
+ src/share/classes/sun/security/rsa/PSSParameters.java
! src/share/classes/sun/security/rsa/RSAKeyFactory.java
! src/share/classes/sun/security/rsa/RSAKeyPairGenerator.java
+ src/share/classes/sun/security/rsa/RSAPSSSignature.java
! src/share/classes/sun/security/rsa/RSAPadding.java
! src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java
! src/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java
! src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java
! src/share/classes/sun/security/rsa/RSASignature.java
+ src/share/classes/sun/security/rsa/RSAUtil.java
! src/share/classes/sun/security/rsa/SunRsaSignEntries.java
! src/share/classes/sun/security/ssl/RSASignature.java
! src/share/classes/sun/security/ssl/SunJSSE.java
! src/share/classes/sun/security/tools/keytool/CertAndKeyGen.java
! src/share/classes/sun/security/tools/keytool/Main.java
! src/share/classes/sun/security/util/ECUtil.java
! src/share/classes/sun/security/util/SecurityProviderConstants.java
+ src/share/classes/sun/security/util/SignatureUtil.java
! src/share/classes/sun/security/x509/AlgorithmId.java
! src/share/classes/sun/security/x509/X509CRLImpl.java
! src/share/classes/sun/security/x509/X509CertImpl.java
+ src/windows/classes/sun/security/mscapi/CKey.java
+ src/windows/classes/sun/security/mscapi/CKeyPair.java
+ src/windows/classes/sun/security/mscapi/CKeyPairGenerator.java
+ src/windows/classes/sun/security/mscapi/CKeyStore.java
+ src/windows/classes/sun/security/mscapi/CPrivateKey.java
+ src/windows/classes/sun/security/mscapi/CPublicKey.java
+ src/windows/classes/sun/security/mscapi/CRSACipher.java
+ src/windows/classes/sun/security/mscapi/CSignature.java
- src/windows/classes/sun/security/mscapi/Key.java
- src/windows/classes/sun/security/mscapi/KeyStore.java
- src/windows/classes/sun/security/mscapi/RSACipher.java
- src/windows/classes/sun/security/mscapi/RSAKeyPair.java
- src/windows/classes/sun/security/mscapi/RSAKeyPairGenerator.java
- src/windows/classes/sun/security/mscapi/RSAPrivateKey.java
- src/windows/classes/sun/security/mscapi/RSAPublicKey.java
- src/windows/classes/sun/security/mscapi/RSASignature.java
! src/windows/classes/sun/security/mscapi/SunMSCAPI.java
! src/windows/native/sun/security/mscapi/security.cpp
! test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java
! test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java
! test/com/sun/crypto/provider/Cipher/RSA/TestOAEPParameterSpec.java
! test/com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java
! test/java/security/KeyPairGenerator/FinalizeHalf.java
! test/java/security/Signature/Offsets.java
+ test/java/security/Signature/SignatureGetInstance.java
! test/java/security/SignedObject/Chain.java
+ test/java/security/cert/X509CRL/VerifyDefault.java
+ test/java/security/cert/X509Certificate/VerifyDefault.java
! test/java/security/testlibrary/CertUtils.java
+ test/lib/jdk/test/lib/SigTestUtil.java
+ test/lib/testlibrary/jdk/testlibrary/security/DerUtils.java
! test/sun/security/ec/SignedObjectChain.java
+ test/sun/security/mscapi/InteropWithSunRsaSign.java
+ test/sun/security/mscapi/KeyAlgorithms.java
+ test/sun/security/mscapi/NullKey.java
! test/sun/security/mscapi/SignedObjectChain.java
+ test/sun/security/mscapi/VeryLongAlias.java
+ test/sun/security/provider/MessageDigest/SHA512.java
+ test/sun/security/rsa/SigGen15_186-3.txt
+ test/sun/security/rsa/SigGen15_186-3_TruncatedSHAs.txt
+ test/sun/security/rsa/SigRecord.java
! test/sun/security/rsa/SignatureOffsets.java
! test/sun/security/rsa/SignatureTest.java
! test/sun/security/rsa/SignedObjectChain.java
! test/sun/security/rsa/TestKeyPairGenerator.java
+ test/sun/security/rsa/TestSigGen15.java
! test/sun/security/rsa/TestSignatures.java
+ test/sun/security/rsa/pss/InitAgain.java
+ test/sun/security/rsa/pss/PSSParametersTest.java
+ test/sun/security/rsa/pss/SigGenPSS_186-3.txt
+ test/sun/security/rsa/pss/SigGenPSS_186-3_TruncatedSHAs.txt
+ test/sun/security/rsa/pss/SigRecord.java
+ test/sun/security/rsa/pss/SignatureTest2.java
+ test/sun/security/rsa/pss/SignatureTestPSS.java
+ test/sun/security/rsa/pss/TestPSSKeySupport.java
+ test/sun/security/rsa/pss/TestSigGenPSS.java
! test/sun/security/ssl/rsa/SignedObjectChain.java
+ test/sun/security/tools/keytool/PSS.java
+ test/sun/security/util/misc/SetNullSigParams.java
+ test/sun/security/x509/X509CertImpl/ECSigParamsVerifyWithCert.java



More information about the jdk8u-dev-changes mailing list