Integrated: 8259535: ECDSA SignatureValue do not always have the specified length

Weijun Wang weijun at openjdk.java.net
Fri Feb 26 16:52:48 UTC 2021


On Fri, 12 Feb 2021 15:24:07 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> The code change fixes the ECDSA XML signature length issue. It should only happen when there is no P1363 ECDSA support, which is not true when SunEC is used.
> 
> If a PrivateKey is not of ECPrivateKey type then the bug will still show up. Technically, we can drill into the OID/parameter of the ASN.1 encoding and do further evaluation, but I think this is not worth doing. Please advise me if you think differently.

This pull request has now been integrated.

Changeset: a4c24961
Author:    Weijun Wang <weijun at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/a4c24961
Stats:     227 lines in 4 files changed: 216 ins; 2 del; 9 mod

8259535: ECDSA SignatureValue do not always have the specified length

Reviewed-by: mullan

-------------

PR: https://git.openjdk.java.net/jdk/pull/2550



More information about the security-dev mailing list