RFR: 8312428: PKCS11 tests fail with NSS 3.91 [v2]
Valerie Peng
valeriep at openjdk.org
Thu Aug 10 18:41:34 UTC 2023
> Starting NSS v3.91, SHA-3 support is added for MessageDigest but not for PSS Signature. This breaks existing test assumptions made by PSS regression tests. In addition, the NSS SHA-3 message digests do not support cloning which causes the failure of TestCloning.java.
>
> This PR adds a PSSUtil.java class which provides utility method for detecting/guessing whether a digest algorithm is valid for PSS signature or not.
>
> The changes are verified with NSS v3.46, v3.57 and v3.91 (on local Linux machine).
>
> Thanks in advance for review~
Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
address review feedbacks
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/15217/files
- new: https://git.openjdk.org/jdk/pull/15217/files/ca1a3b92..4306fa1c
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=15217&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=15217&range=00-01
Stats: 11 lines in 3 files changed: 0 ins; 7 del; 4 mod
Patch: https://git.openjdk.org/jdk/pull/15217.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/15217/head:pull/15217
PR: https://git.openjdk.org/jdk/pull/15217
More information about the security-dev
mailing list