[11u]: RFR: Backport of 8215694: keytool cannot generate RSASSA-PSS certificates
Langer, Christoph
christoph.langer at sap.com
Mon Jul 1 14:25:45 UTC 2019
Hi Paul,
thanks for your review.
> In CertAndKeyGen.java, does generate() need a throws declaration?
It doesn't. IllegalArgumentException is a RuntimeException and as such doesn't need a throws declaration. And InvalidKeyException is obviously not needed and was removed in the original changeset as well.
> Otherwise looks good.
Thanks. I also asked Max Wang to have a look off list and he seems to agree as well.
> We've been talking about backporting patches with CSRs and have done at
> least one. Imo, 8076190 and 8213400 are good backport candidates since the
> spec changes are minor.
Yes, a CSR is not necessarily a showstopper for a backport. But as it is not my area of expertise and there's no other reason that makes backports of these bugs important to me, I don't want to take the additional work and responsibility for these backports. But feel free to do this 😊
So, I guess I'm good to push this, once approved.
Cheers,
Christoph
More information about the security-dev
mailing list