Looks fine to me. Thanks! Xuelei
On 7/22/2016 6:08 AM, Vincent Ryan wrote: > Thanks for the review. > > The PKCS11 implementation is a little peculiar in that it is configured > out-of-the-box only for Solaris > and that implementation doesn’t support DSA. So I’ve added only the first of > your additional lines below. > > (NOTE the update to the Ucrypto provider) > > Updated webrev at: > http://cr.openjdk.java.net/~vinnie/8161571/webrev.01/ > > > > >> On 21 Jul 2016, at 15:46, Xuelei Fan <xuelei....@oracle.com> wrote: >> >> Looks fine to me. >> >> Just two minor comments. The run tag in the test may be not necessary. >> Like EC algorithm, maybe the PKCS11 implementation of RSA and DSA >> algorithms can also be checked on some platform if not using provider >> option. >> >> + main0("RSA", 2048, "SHA256withRSA", null); >> + main0("DSA", 2048, "SHA256withDSA", null); >> >> Xuelei >> >> On 7/20/2016 3:10 AM, Vincent Ryan wrote: >>> Please review this fix to apply stricter length checks when verifying >>> public key signatures. >>> Thanks. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8161571 >>> Webrev: http://cr.openjdk.java.net/~vinnie/8161571/webrev.00/ >>> >> >
