RFR 8147502: Digest is incorrectly truncated for ECDSA signatures...
Jamil Nimeh
jamil.j.nimeh at oracle.com
Mon Mar 18 16:26:47 UTC 2019
Hi Adam, this looks good. For your test it seems perfectly reasonable
to make a mock SecureRandom that lets you control the bits since you're
trying to run a known-answer test for a function that would normally be
non-deterministic. Just one really tiny nit: update the copyright on ec.c.
--Jamil
On 3/4/19 11:40 AM, Adam Petcher wrote:
> webrev: https://cr.openjdk.java.net/~apetcher/8147502/webrev.00/
> JBS: https://bugs.openjdk.java.net/browse/JDK-8147502
>
> Please review this fix to a bug that causes ECDSA signatures to be
> incorrect in some cases. The fix is simple, but testing this issue is
> difficult because the API doesn't give access to the raw signing
> operation so we can check it using known answer tests. I got around
> this difficulty in the regression test by using a modified
> SecureRandom that supplies specific bits in order to produce the
> correct nonce. The test is a bit complicated and brittle, so if anyone
> has any other suggestions on how to do this, please share.
>