Hi Xuelei,
Overall changes look good.
A nit: SignatureScheme.java:552, "Ignore unsupport..." instead of
"Ignore the unsupported..."
It seems that the SignatureScheme selection is always selected with
PrivateKey first? It'd be nice to have some comments explain the
different handling between getSigner(PrivateKey) and
getVerifier(PublicKey), i.e. former returns null vs later passes up the
exception.
Thanks,
Valerie
On 10/24/2019 1:56 PM, Xuelei Fan wrote:
Hi,
Could I get the following update reviewed?
http://cr.openjdk.java.net/~xuelei/8223940/webrev.00/
For signature algorithms, the update will fail back to use the
supported signature algorithm for the specific private key.
Previously, the first preferred signature algorithm get used ad the
private key may not be able to work with the signature algorithm however.
No new regression test as RSASSA-PSS has been supported in the
SunPKCS11 provider currently. Can I get a help for the test if you
are running a provider that does not support RSASSA-PSS yet?
Thanks & Regards,
Xuelei
