Integrated: 8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key

Alexey Bakhtin abakhtin at openjdk.java.net
Mon Oct 25 08:04:16 UTC 2021


On Fri, 23 Jul 2021 10:33:14 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:

> Hello,
> 
> Could you please review the small patch for the issue described in JDK-8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
> 
> I suggest updating the RSAPSSSignature.isValid() method to verify if provided key components can be applied to SunRSASign implementation. 
> If not applied, implementation can try to select signer from other providers
> 
> Regards
> Alexey

This pull request has now been integrated.

Changeset: f6232982
Author:    Alexey Bakhtin <abakhtin at openjdk.org>
Committer: Yuri Nesterenko <yan at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/f6232982b91cb2314e96ddbde3984836a810a556
Stats:     89 lines in 2 files changed: 69 ins; 14 del; 6 mod

8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key

Reviewed-by: xuelei, valeriep

-------------

PR: https://git.openjdk.java.net/jdk/pull/4887



More information about the security-dev mailing list