[15] RFR 8238448: RSASSA-PSS signature verification fail when using certain odd key sizes

Valerie Peng valerie.peng at oracle.com
Sat Feb 8 00:59:35 UTC 2020


Thanks for the review~

The issue is reported externally; there is the answer to your question. ;)

Valerie

On 2/6/2020 10:14 PM, Xuelei Fan wrote:
> On 2/6/2020 7:02 PM, Valerie Peng wrote:
>> Can anyone help review this?
>>
>> There is a bug in RSASSA-PSS signature verification when the key size 
>> is a multiple of 8 plus 1 bit. The verification on the encoded message 
>> is off by one and verification failed unexpectedly. I added a check 
>> and adjusted the starting index for the verification. I added 1025 
>> and 2049 to existing PSS tests to verify this fix.
>>
> Hm, is there really use of 1025/2049-bit RSA keys in practice? But 
> it's a nice catch!
>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8238448
>>
>> Webrev: http://cr.openjdk.java.net/~valeriep/8238448/webrev.00/
>>
> It looks good to me.
>
> Xuelei
>
>> Mach5 run is clean.
>>
>> Thanks,
>> Valerie
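
The length rule behind the odd-key-size case discussed above, as an added example that is not part of the original message and not the JDK patch: RFC 8017 section 8.1.2 notes that emLen is one less than the modulus byte length k when modBits - 1 is divisible by 8, so a k-byte RSA result carries one leading zero byte before the encoded message. The function names are hypothetical and the sample EM bytes are constructed.

```python
# Added illustration, not JDK code: RSASSA-PSS length handling per RFC 8017.
# Function names are hypothetical; the sample EM values are constructed.

def pss_lengths(mod_bits):
    """Return (k, em_bits, em_len) for an RSA modulus of mod_bits bits."""
    k = (mod_bits + 7) // 8       # modulus length in bytes
    em_bits = mod_bits - 1        # bits available to the encoded message
    em_len = (em_bits + 7) // 8   # ceil(em_bits / 8)
    return k, em_bits, em_len

def extract_em(m, mod_bits):
    """Turn the raw RSA verification result m into the em_len-byte EM.

    The raw result is held as a k-byte buffer. EM starts at offset
    k - em_len, which is 1 when mod_bits % 8 == 1 and 0 otherwise.
    """
    k, em_bits, em_len = pss_lengths(mod_bits)
    buf = m.to_bytes(k, "big")
    start = k - em_len
    if any(buf[:start]):
        raise ValueError("leading byte before EM is not zero")
    em = buf[start:]
    # The leftmost 8*em_len - em_bits bits of EM must be zero.
    unused = 8 * em_len - em_bits
    if unused and em[0] >> (8 - unused):
        raise ValueError("unused top bits of EM are not zero")
    # EMSA-PSS encoded messages end with the trailer byte 0xbc.
    if em[-1] != 0xBC:
        raise ValueError("bad trailer byte")
    return em

def sample_em(em_len, first_byte):
    """Constructed EM-shaped bytes: chosen first byte, filler, 0xbc trailer."""
    return bytes([first_byte]) + b"\x11" * (em_len - 2) + b"\xbc"

if __name__ == "__main__":
    # 1025 and 2049 are the sizes added to the PSS tests in this thread.
    for bits in (1024, 1025, 2048, 2049):
        k, em_bits, em_len = pss_lengths(bits)
        print(f"modBits={bits} k={k} emBits={em_bits} emLen={em_len}")
```
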
