On Thu, 20 Jul 2023 05:06:11 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update to address review feedbacks > > src/java.base/share/classes/sun/security/rsa/RSASignature.java line 227: > >> 225: byte[] padded2 = padding.pad(encoded2); >> 226: return MessageDigest.isEqual(padded2, decrypted); >> 227: } > > I had a check of the specification (Section A.2.4 of RFC 8017), and the > [update](https://github.com/openjdk/jdk/pull/8365) and the [JBS > entry](https://bugs.openjdk.org/browse/JDK-8285404) that added the comment > "some vendors might omit the NULL params". > > Per section A.2.4 of RFC 8017, it is said "For each OID, the parameters field > associated with this OID in a value of type AlgorithmIdentifier SHALL have a > value of type NULL." > > Per the key words specification, RFC 2119, "SHALL" is the same as MUST which > "mean that the definition is an absolute requirement of the specification." > > In the bug description of bug JDK-8285404, there is a section "*Update*: We > think it's possible that there might be signers omitting the NULL params in > the digest algorithm identifier. " > > For this case, if the signers omitting the NULL params, does it means the > signer does not follow the specification and should be rejected? @wangweij > could you recall if there is a real case that omits the NULL params in > practice? Max is on vacation and may not see your question for a while... IIRC, the inconsistency (NULL vs omission) goes way back. As time goes on, this may no longer be an issue as spec is clarified and vendors update their implementation. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/14839#discussion_r1272692439
