On Fri, 22 Apr 2022 17:10:58 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> Compare encoded instead of decoded digest in RSA signature verification. src/java.base/share/classes/sun/security/rsa/RSASignature.java line 220: > 218: byte[] encoded = RSAUtil.encodeSignature(digestOID, digest); > 219: byte[] decrypted = RSACore.rsa(sigBytes, publicKey); > 220: byte[] unpadded = padding.unpad(decrypted); It looks like safer to me that decodeSignature() method is removed and the same method get used for the verification. Maybe, these two lines could be moved ahead (at line 215) so that the processing order is consistent with the RFC 8017 described order, for readability. ------------- PR: https://git.openjdk.java.net/jdk/pull/8365