Starting NSS v3.91, SHA-3 support is added for MessageDigest but not for PSS Signature. This breaks existing test assumptions made by PSS regression tests. In addition, the NSS SHA-3 message digests do not support cloning which causes the failure of TestCloning.java.
This PR adds a PSSUtil.java class which provides utility method for detecting/guessing whether a digest algorithm is valid for PSS signature or not. The changes are verified with NSS v3.46, v3.57 and v3.91 (on local Linux machine). Thanks in advance for review~ ------------- Commit messages: - 8312428: PKCS11 tests fail with NSS 3.91 Changes: https://git.openjdk.org/jdk/pull/15217/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=15217&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8312428 Stats: 231 lines in 4 files changed: 128 ins; 56 del; 47 mod Patch: https://git.openjdk.org/jdk/pull/15217.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/15217/head:pull/15217 PR: https://git.openjdk.org/jdk/pull/15217