RFR: 8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key [v4]

Martin Bonato duke at openjdk.java.net
Thu Feb 10 14:45:14 UTC 2022


On Fri, 22 Oct 2021 18:45:31 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:

>> Hello,
>> 
>> Could you please review the small patch for the issue described in JDK-8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
>> 
>> I suggest updating the RSAPSSSignature.isValid() method to verify if provided key components can be applied to SunRSASign implementation. 
>> If not applied, implementation can try to select signer from other providers
>> 
>> Regards
>> Alexey
>
> Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Simplified isPrivateKeyValid

Is there any chance to get this back-ported to 11u? I saw the instructions for fix approvals on https://wiki.openjdk.java.net/display/JDKUpdates/JDK11u however I'm not a contributor/author. Is there any means of showing interest or upvoting etc.?

-------------

PR: https://git.openjdk.java.net/jdk/pull/4887



More information about the security-dev mailing list