RFR: 8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key [v4]

Alexey Bakhtin abakhtin at openjdk.java.net
Fri Oct 22 18:45:31 UTC 2021


> Hello,
> 
> Could you please review the small patch for the issue described in JDK-8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
> 
> I suggest updating the RSAPSSSignature.isValid() method to verify if provided key components can be applied to SunRSASign implementation. 
> If not applied, implementation can try to select signer from other providers
> 
> Regards
> Alexey

Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:

  Simplified isPrivateKeyValid

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/4887/files
  - new: https://git.openjdk.java.net/jdk/pull/4887/files/df6f212d..ede6436f

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=4887&range=03
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=4887&range=02-03

  Stats: 5 lines in 1 file changed: 0 ins; 3 del; 2 mod
  Patch: https://git.openjdk.java.net/jdk/pull/4887.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/4887/head:pull/4887

PR: https://git.openjdk.java.net/jdk/pull/4887


More information about the security-dev mailing list