[12] RFR 8215694: keytool cannot generate RSASSA-PSS certificates
Weijun Wang
weijun.wang at oracle.com
Fri Dec 21 09:44:59 UTC 2018
Please take a review at
https://cr.openjdk.java.net/~weijun/8215694/webrev.00/
This bug reveals several issues:
1. Encoding of the RSASSA-PSS signature algorithm in PKCS10 and X509CertImpl.
2. The missing of setParameter() call for PKCS10 and X509CertImpl.
3. All keytool commands of -genkeypair, -certreq, -gencert, -selfcert are affected.
4. Wrong NULL after encoding of RSASSA-PSS key algorithm.
Please confirm this is safe to be fixed in JDK 12.
Thanks,
Max
More information about the security-dev
mailing list