RFR: 8274471: Verification of OCSP Response signed with RSASSA-PSS fails
Hai-May Chao
hchao at openjdk.java.net
Thu Sep 30 23:18:36 UTC 2021
On Thu, 30 Sep 2021 15:44:32 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> Extra parameters need to be set for RSASSA-PSS signatures. We already have a helper method for that.
>
> Some other cleanups:
> 1. When using GET for OCSP, make sure no double slash.
> 2. Several throws clauses are not necessary.
>
> No regression test. OCSP needs to access an external server.
As throwing ProviderException is removed from initVerifyWithParam(), could we remove the ProviderException in the try-catch block from the callers of initVerifyWithParam()? For example, one of the callers at:
https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java#L476
-------------
PR: https://git.openjdk.java.net/jdk/pull/5778
More information about the security-dev
mailing list