RFR: 8259535: ECDSA SignatureValue do not always have the specified length
Weijun Wang
weijun at openjdk.java.net
Fri Feb 12 15:28:54 UTC 2021
The code change fixes the ECDSA XML signature length issue. It should only happened when there is no P1363 ECDSA support, which is not true when SunEC is used.
Technically, if a PrivateKey is not of ECPrivateKey the bug will still show up, and in this case we can actually look into the OID/parameter of the ASN.1 encoding and do further evaluation, but I think this is not worth doing. Please advise me if you think differently.
-------------
Commit messages:
- 8259535: ECDSA SignatureValue do not always have the specified length
Changes: https://git.openjdk.java.net/jdk/pull/2550/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=2550&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8259535
Stats: 227 lines in 4 files changed: 216 ins; 2 del; 9 mod
Patch: https://git.openjdk.java.net/jdk/pull/2550.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/2550/head:pull/2550
PR: https://git.openjdk.java.net/jdk/pull/2550
More information about the security-dev
mailing list