RFR: 8302017: Allocate BadPaddingException only if it will be thrown
Valerie Peng
valeriep at openjdk.org
Wed Jul 12 19:07:16 UTC 2023
On Wed, 12 Jul 2023 16:58:20 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> This change refactors the RSAPadding class to return an output record containing the status instead of relying on exception object to indicate a failure.
>>
>> Thanks in advance for review~
>> Valerie
>
> src/java.base/share/classes/sun/security/rsa/RSASignature.java line 217:
>
>> 215: byte[] digest = getDigestValue();
>> 216: byte[] decrypted = RSACore.rsa(sigBytes, publicKey);
>> 217: RSAPadding.Output po = padding.unpad(decrypted);
>
> In case you are already here, what if comparing the padded/encoded result, without use unpad() any longer? I meant to follow the spec as described in RFC8017#section-8.2.2: encode the `decryped` bytes and then compare the result with the `digest` bytes.
Ok, I can switch to this approach.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14839#discussion_r1261612766
More information about the security-dev
mailing list