[13] RFR JDK-8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect
Valerie Peng
valerie.peng at oracle.com
Fri Jun 28 01:54:40 UTC 2019
No, this problem only applies to SunPKCS11 provider. SunRsaSign provider
is fine.
Thanks for the review,
Valerie
On 6/27/2019 4:15 PM, Xuelei Fan wrote:
> The update looks good to me.
>
> Does the SunRsaSign provider (RSAPSSSignature.java) has a similar
> problem?
>
> Thanks,
> Xuelei
>
> On 6/27/2019 3:24 PM, Valerie Peng wrote:
>> Hi,
>>
>> Anyone has time to review this? Trivial and straightforward and would
>> be nice to fix this in the same release which the bug is introduced
>> in. Existing PKCS11 PSS impl assumes that the MGF1 uses the same
>> digest algorithm as the message digest. Fixed to get the digest
>> algorithm for MGF1 from the specified PSS parameter object and
>> enhanced existing PSS regression tests to cover additional scenarios.
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8226651
>>
>> Webrev: http://cr.openjdk.java.net/~valeriep/8226651/webrev.00/
>>
>> Mach5 run is clean.
>>
>> Thanks,
>> Valerie
More information about the security-dev
mailing list