RFR: 8286908: ECDSA signature should not return parameters [v3]

Weijun Wang weijun at openjdk.java.net
Thu May 19 02:01:55 UTC 2022


> Let ECDSA's `engineGetParameters()` always return null. At the same time, remove the remembered `sigParams` field. One behavior change is that after calling `setParameter()`, one can call `init()` again with a key using different parameters. I think this should be allowed since we are reusing the signature object with a brand new key.
> 
> `setParameter` is kept unchanged to be able to deal with certificates still having parameters after the signature algorithm object identifier. See https://bugs.openjdk.java.net/browse/JDK-8225745.
> 
> Also added SHA1withECDSA to the no-NULL list in `KnownOIDs`.
> 
> All security-related tests passed.

Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains four additional commits since the last revision:

 - add reference to RFCs
 - Merge branch 'master' into 8286908
 - will not read params for ECDSA
 - the fix

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/8758/files
  - new: https://git.openjdk.java.net/jdk/pull/8758/files/aceeb4a7..e5043a99

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=8758&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=8758&range=01-02

  Stats: 107875 lines in 1550 files changed: 65071 ins; 35256 del; 7548 mod
  Patch: https://git.openjdk.java.net/jdk/pull/8758.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/8758/head:pull/8758

PR: https://git.openjdk.java.net/jdk/pull/8758



More information about the security-dev mailing list