-
Bug
-
Resolution: Fixed
-
P4
-
None
-
b12
A unit test that exercises the CertificateBuilder and SimpleOCSPServer test utility classes should be written. This should be done because we have seen that these two test classes do not behave well with the new PQC algorithms and may also behave poorly with RSASSA-PSS in some cases. When specifying ML-DSA algorithms, if the signature algorithm "ML-DSA" is selected, the internal implementation tries to obtain an AlgorithmId which causes failures:
CertificateBuilder:
java.security.NoSuchAlgorithmException: unrecognized algorithm name: ML-DSA
at java.base/sun.security.x509.AlgorithmId.get(AlgorithmId.java:450)
at sun.security.testlibrary.CertificateBuilder.encodeTopLevel(CertificateBuilder.java:442)
at sun.security.testlibrary.CertificateBuilder.build(CertificateBuilder.java:412)
at CPVAlgTestWithOCSP.main(CPVAlgTestWithOCSP.java:94)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:565)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1447)
SimpleOCSPServer:
java.security.NoSuchAlgorithmException: unrecognized algorithm name: ML-DSA
at java.base/sun.security.x509.AlgorithmId.get(AlgorithmId.java:450)
at sun.security.testlibrary.SimpleOCSPServer.<init>(SimpleOCSPServer.java:176)
at sun.security.testlibrary.SimpleOCSPServer.<init>(SimpleOCSPServer.java:117)
at CPVAlgTestWithOCSP.main(CPVAlgTestWithOCSP.java:107)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:565)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1447)
This should be corrected so any signature-capable algorithm can work with these classes.
CertificateBuilder:
java.security.NoSuchAlgorithmException: unrecognized algorithm name: ML-DSA
at java.base/sun.security.x509.AlgorithmId.get(AlgorithmId.java:450)
at sun.security.testlibrary.CertificateBuilder.encodeTopLevel(CertificateBuilder.java:442)
at sun.security.testlibrary.CertificateBuilder.build(CertificateBuilder.java:412)
at CPVAlgTestWithOCSP.main(CPVAlgTestWithOCSP.java:94)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:565)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1447)
SimpleOCSPServer:
java.security.NoSuchAlgorithmException: unrecognized algorithm name: ML-DSA
at java.base/sun.security.x509.AlgorithmId.get(AlgorithmId.java:450)
at sun.security.testlibrary.SimpleOCSPServer.<init>(SimpleOCSPServer.java:176)
at sun.security.testlibrary.SimpleOCSPServer.<init>(SimpleOCSPServer.java:117)
at CPVAlgTestWithOCSP.main(CPVAlgTestWithOCSP.java:107)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:565)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1447)
This should be corrected so any signature-capable algorithm can work with these classes.
- links to
-
Commit(master)
openjdk/jdk/9d9d7a17
-
Review(master)
openjdk/jdk/23566