RFR[13] JDK-8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support
Valerie Peng
valerie.peng at oracle.com
Wed Jul 3 02:48:11 UTC 2019
Hi
Any one can help reviewing this fix? Some ECDSA certificates contains
signature algorithm identifiers with non-null parameter bytes. Before
RSASSA-PSS support, these parameter bytes are ignored, however, after
RSASSA-PSS support, the parameter bytes are passed to the underlying
signature impl and this breaks the ECDSA certificate verification. In
order for the verification to succeeds, the SignatureUtil class needs to
be able to parse the parameter bytes for ECDSA certificate and that
SunEC provider needs to accept non-null signature parameters.
Bug: https://bugs.openjdk.java.net/browse/JDK-8225745
Webrev: http://cr.openjdk.java.net/~valeriep/8225745/webrev.00/
Mach5 run is clean.
Thanks,
Valerie
More information about the security-dev
mailing list