RFR: 8242068: Signed JAR support for RSASSA-PSS and EdDSA [v7]

Weijun Wang weijun at openjdk.java.net
Fri Oct 16 02:47:11 UTC 2020


On Fri, 16 Oct 2020 02:15:08 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   signing time, jarsigner -directsign, and digest algorithm check
>
> test/lib/jdk/test/lib/security/timestamp/TsaSigner.java line 221:
> 
>> 219:                     new X500Name(issuerName),
>> 220:                     signerEntry.cert.getSerialNumber(),
>> 221:                     AlgorithmId.get(SignatureUtil.extractDigestAlgFromDwithE(sigAlgo)),
> 
> So, sigAlgo would never be RSASSA-PSS, EDDSA, ED25519, or ED448?

There were no getDigestAlgInPkcs7SignerInfo in my initial version. I'll use this new method instead. I'll probably need
to try if the new algorithms really work here.

-------------

PR: https://git.openjdk.java.net/jdk/pull/322



More information about the security-dev mailing list