RFR: 8320597: RSA signature verification fails on signed data that does not encode params correctly [v2]
Valerie Peng
valeriep at openjdk.org
Thu Dec 7 19:13:40 UTC 2023
On Thu, 7 Dec 2023 14:47:18 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Add a fallback if an RSA signature was generated without the NULL params in its encoded hash.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> change method to package private
test/jdk/sun/security/rsa/WithoutNULL.java line 27:
> 25: * @test
> 26: * @bug 8320597
> 27: * @summary RSA signature verification fails on signed data that does not encode params correctly
The summary seems to contradict the check on line 52? Maybe: Verify RSA signature with omitted digest params (should be encoded as NULL) for backward compatibility?
Rest looks good.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17002#discussion_r1419490574
More information about the security-dev
mailing list