[11u] RFR: 8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange

Langer, Christoph christoph.langer at sap.com
Thu Jul 4 13:11:17 UTC 2019


Hi,

please help reviewing the backport of JDK-8216039 to jdk11u-dev.

Since predecessor patch JDK-8211122 could not be applied to JDK 11 updates, some manual work is necessary.

In src/java.base/share/classes/java/security/Signature.java and src/java.base/share/classes/sun/security/util/SignatureUtil.java the imports of jdk.internal.access have to be changed into jdk.internal.misc. The update that originally went to src/java.base/share/classes/jdk/internal/access/SharedSecrets.java obviously needs to be applied to src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java. The new file src/java.base/share/classes/jdk/internal/access/JavaSecuritySignatureAccess.java needs to be src/java.base/share/classes/jdk/internal/misc/JavaSecuritySignatureAccess.java in 11u.

See the full webrev here: http://cr.openjdk.java.net/~clanger/webrevs/8216039.11u.full.0/
The webrev for manual changes only: http://cr.openjdk.java.net/~clanger/webrevs/8216039.11u.manual.0/
Original Bug: https://bugs.openjdk.java.net/browse/JDK-8216039

Thanks
Christoph

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/security-dev/attachments/20190704/f45df56e/attachment.html>


More information about the security-dev mailing list