Integrated: 8286908: ECDSA signature should not return parameters

Weijun Wang weijun at openjdk.java.net
Mon May 23 13:37:43 UTC 2022


On Tue, 17 May 2022 19:56:22 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> Let ECDSA's `engineGetParameters()` always return null. At the same time, remove the remembered `sigParams` field. One behavior change is that after calling `setParameter()`, one can call `init()` again with a key using different parameters. I think this should be allowed since we are reusing the signature object with a brand new key.
> 
> `setParameter` is kept unchanged to be able to deal with certificates still having parameters after the signature algorithm object identifier. See https://bugs.openjdk.java.net/browse/JDK-8225745.
> 
> Also added SHA1withECDSA to the no-NULL list in `KnownOIDs`.
> 
> All security-related tests passed.

This pull request has now been integrated.

Changeset: 8040aa00
Author:    Weijun Wang <weijun at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/8040aa0073e7ea22b2fdff5bddff10c244e116ef
Stats:     109 lines in 4 files changed: 60 ins; 36 del; 13 mod

8286908: ECDSA signature should not return parameters

Reviewed-by: ascarpino, hchao, valeriep

-------------

PR: https://git.openjdk.java.net/jdk/pull/8758



More information about the security-dev mailing list