RFR: 8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key

Alexey Bakhtin abakhtin at openjdk.java.net
Fri Jul 23 11:38:21 UTC 2021


Hello,

Could you please review the small patch for the issue described in JDK-8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key

I suggest updating the RSAPSSSignature.isValid() method to verify if provided key components can be applied to SunRSASign implementation. 
If not applied, implementation can try to select signer from other providers

Regards
Alexey

-------------

Commit messages:
 - Fixed formatting
 - 8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key

Changes: https://git.openjdk.java.net/jdk/pull/4887/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=4887&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8271199
  Stats: 20 lines in 1 file changed: 20 ins; 0 del; 0 mod
  Patch: https://git.openjdk.java.net/jdk/pull/4887.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/4887/head:pull/4887

PR: https://git.openjdk.java.net/jdk/pull/4887



More information about the security-dev mailing list