Thanks for the review~
The issue is reported externally, there is the answer to your question. ;)
Valerie
On 2/6/2020 10:14 PM, Xuelei Fan wrote:
On 2/6/2020 7:02 PM, Valerie Peng wrote:
Anyone can help reviewing this?
There is a bug in RSASSA-PSS signature verification when the key size
is multiples of 8 plus 1 bit. The verification on the encoded message
is off by one and verification failed unexpectedly. I added a check
and adjusted the starting index for the verification. I added 1025
and 2049 to existing PSS tests to verify this fix.
Hm, is there really use of 1025/2049 bits RSA key in practice. But
it's a nice catch!
Bug: https://bugs.openjdk.java.net/browse/JDK-8238448
Webrev: http://cr.openjdk.java.net/~valeriep/8238448/webrev.00/
It looks good to me.
Xuelei
Mach5 run is clean.
Thanks,
Valerie
