Looks good.
Paul
On 7/11/19, 2:14 PM, "jdk-updates-dev on behalf of Langer, Christoph"
<jdk-updates-dev-boun...@openjdk.java.net on behalf of
christoph.lan...@sap.com> wrote:
Ping...
Can somebody please have a look at this backport? Regression testing shows
no problems...
Thanks
Christoph
From: Langer, Christoph
Sent: Donnerstag, 4. Juli 2019 15:11
To: jdk-updates-...@openjdk.java.net
Cc: security-dev <security-dev@openjdk.java.net>
Subject: [11u] RFR: 8216039: TLS with BC and RSASSA-PSS breaks
ECDHServerKeyExchange
Hi,
please help reviewing the backport of JDK-8216039 to jdk11u-dev.
Since predecessor patch JDK-8211122 could not be applied to JDK 11 updates,
some manual work is necessary.
In src/java.base/share/classes/java/security/Signature.java and
src/java.base/share/classes/sun/security/util/SignatureUtil.java the imports of
jdk.internal.access have to be changed into jdk.internal.misc. The update that
originally went to
src/java.base/share/classes/jdk/internal/access/SharedSecrets.java obviously
needs to be applied to
src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java. The new file
src/java.base/share/classes/jdk/internal/access/JavaSecuritySignatureAccess.java
needs to be
src/java.base/share/classes/jdk/internal/misc/JavaSecuritySignatureAccess.java
in 11u.
See the full webrev here:
http://cr.openjdk.java.net/~clanger/webrevs/8216039.11u.full.0/
The webrev for manual changes only:
http://cr.openjdk.java.net/~clanger/webrevs/8216039.11u.manual.0/
Original Bug: https://bugs.openjdk.java.net/browse/JDK-8216039
Thanks
Christoph
