[13] RFR JDK-8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect

Xuelei Fan xuelei.fan at oracle.com
Thu Jun 27 23:15:56 UTC 2019

The update looks good to me.

Does the SunRsaSign provider (RSAPSSSignature.java) has a similar problem?


On 6/27/2019 3:24 PM, Valerie Peng wrote:
> Hi,
> Anyone has time to review this? Trivial and straightforward and would be 
> nice to fix this in the same release which the bug is introduced in. 
> Existing PKCS11 PSS impl assumes that the MGF1 uses the same digest 
> algorithm as the message digest. Fixed to get the digest algorithm for 
> MGF1 from the specified PSS parameter object and enhanced existing PSS 
> regression tests to cover additional scenarios.
> Bug: https://bugs.openjdk.java.net/browse/JDK-8226651
> Webrev: http://cr.openjdk.java.net/~valeriep/8226651/webrev.00/
> Mach5 run is clean.
> Thanks,
> Valerie

More information about the security-dev mailing list