-
Bug
-
Resolution: Fixed
-
P3
-
8u251, openjdk8u252, 11.0.1
-
b10
-
generic
-
generic
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8277996 | 13.0.10 | Yuri Nesterenko | P3 | Resolved | Fixed | b03 |
| JDK-8248798 | 11.0.9-oracle | Valerie Peng | P3 | Resolved | Fixed | b01 |
| JDK-8249022 | 11.0.9 | Valerie Peng | P3 | Resolved | Fixed | b01 |
| JDK-8255669 | openjdk8u282 | Valerie Peng | P3 | Resolved | Fixed | b01 |
| JDK-8251726 | emb-8u271 | Valerie Peng | P3 | Resolved | Fixed | team |
For certain odd key sizes (N = 8x+1, i.e. multiples of 8 plus 1), the encoded message for PSS processing is one-byte shorter than the key size. For example, per RFC 8017, PKCS#1 v2.2, if the key size is 1025 bits (rounded up to 129 bytes), the length of encoded message should be 128 byte. However, the current impl of SunRsaSign provider uses the key length which has been rounded up in bytes as the length of the encoded message instead of calculating from the key length in bits. This causes the signature verification to fail unexpectedly as the verification is being performed on wrong range of bytes.
- backported by
-
JDK-8248798 RSASSA-PSS signature verification fail when using certain odd key sizes
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- relates to
-
JDK-8146293 Add support for RSASSA-PSS Signature algorithm
-
- Resolved
-
(1 relates to, 2 links to)