RFR: 8320597: RSA signature verification fails on signed data that does not encode params correctly
Sean Mullan
mullan at openjdk.org
Thu Dec 7 14:26:31 UTC 2023
On Wed, 6 Dec 2023 19:27:22 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> Add a fallback if an RSA signature was generated without the NULL params in its encoded hash.
src/java.base/share/classes/sun/security/rsa/RSAUtil.java line 186:
> 184: * This is only used by SunRsaSign.
> 185: */
> 186: public static byte[] encodeSignatureWithoutNULL(ObjectIdentifier oid, byte[] digest) {
Could make this method package-private.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17002#discussion_r1419041625
More information about the security-dev
mailing list