On Fri, 12 Feb 2021 15:24:07 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> The code change fixes the ECDSA XML signature length issue. It should only > happen when there is no P1363 ECDSA support, which is not true when SunEC is > used. > > If a PrivateKey is not of ECPrivateKey type then the bug will still show up. > Technically, we can drill into the OID/parameter of the ASN.1 encoding and do > further evaluation, but I think this is not worth doing. Please advise me if > you think differently. Marked as reviewed by mullan (Reviewer). src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java line 68: > 66: * > 67: * @param asn1Bytes > 68: * @param rawLen You should add the same javadoc for these parameters as you did in ECDSAUtils.java. ------------- PR: https://git.openjdk.java.net/jdk/pull/2550
