[15] RFR 8238448: RSASSA-PSS signature verification fail when using certain odd key sizes

Xuelei Fan xuelei.fan at oracle.com
Fri Feb 7 06:14:30 UTC 2020


On 2/6/2020 7:02 PM, Valerie Peng wrote:
> Can anyone help review this?
> 
> There is a bug in RSASSA-PSS signature verification when the key size is 
> a multiple of 8 plus 1 bit. The verification on the encoded message is 
> off by one and verification failed unexpectedly. I added a check and 
> adjusted the starting index for the verification. I added 1025 and 2049 
> to existing PSS tests to verify this fix.
> 
Hm, is there really any use of 1025/2049-bit RSA keys in practice?  But it's 
a nice catch!

> Bug: https://bugs.openjdk.java.net/browse/JDK-8238448
> 
> Webrev: http://cr.openjdk.java.net/~valeriep/8238448/webrev.00/
> 
It looks good to me.

Xuelei

> Mach5 run is clean.
> 
> Thanks,
> Valerie
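
The length rule behind the case discussed in this thread, as an added example that is not part of the original message, the JDK source or the webrev: RFC 8017 sets emLen = ceil((modBits - 1) / 8), so for a 1025- or 2049-bit modulus the encoded message is one byte shorter than the k-byte output of the RSA public-key operation. The function names, the SHA-256/MGF1 choice and the sample message and salt are assumptions of this sketch, and no RSA key is involved.

```python
import hashlib

H_LEN = 32  # SHA-256 output length; hash choice is an assumption of this sketch

def mgf1(seed, n):
    blocks = (hashlib.sha256(seed + c.to_bytes(4, "big")).digest() for c in range(-(-n // H_LEN)))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def pss_encode(msg, em_bits, salt):  # EMSA-PSS-ENCODE, RFC 8017 section 9.1.1
    em_len = (em_bits + 7) // 8
    h = hashlib.sha256(bytes(8) + hashlib.sha256(msg).digest() + salt).digest()
    db = bytes(em_len - len(salt) - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(xor(db, mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)
    return bytes(masked) + h + b"\xbc"

def pss_verify(msg, em, em_bits, s_len):  # EMSA-PSS-VERIFY, section 9.1.2
    em_len = (em_bits + 7) // 8
    if len(em) != em_len or em_len < H_LEN + s_len + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[:em_len - H_LEN - 1], em[em_len - H_LEN - 1:-1]
    unused = 8 * em_len - em_bits
    if masked[0] & ~(0xFF >> unused) & 0xFF:
        return False
    db = bytearray(xor(masked, mgf1(h, len(masked))))
    db[0] &= 0xFF >> unused
    pad = em_len - H_LEN - s_len - 2
    if db[:pad] != bytes(pad) or db[pad] != 1:
        return False
    m_hash = hashlib.sha256(msg).digest()
    return hashlib.sha256(bytes(8) + m_hash + bytes(db[pad + 1:])).digest() == h

def em_from_block(block, mod_bits):
    """block: k-byte output of the RSA public-key operation; returns EM or None."""
    em_len = (mod_bits - 1 + 7) // 8       # emLen = ceil((modBits - 1) / 8)
    extra = len(block) - em_len            # 1 when mod_bits % 8 == 1, else 0
    if extra not in (0, 1) or any(block[:extra]):
        return None                        # the extra leading byte must be zero
    return block[extra:]

def demo(mod_bits):  # constructed message and salt; no RSA key is involved
    msg, em_bits = b"constructed sample", mod_bits - 1
    em = pss_encode(msg, em_bits, bytes(H_LEN))
    block = bytes((mod_bits + 7) // 8 - len(em)) + em   # left-pad to k bytes
    em2 = em_from_block(block, mod_bits)
    return pss_verify(msg, block, em_bits, H_LEN), pss_verify(msg, em2, em_bits, H_LEN)
```

`demo(mod_bits)` returns a pair: whether verification passes on the raw k-byte block, and whether it passes after the leading byte is checked and dropped. The two differ only for sizes such as 1025 and 2049.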


