On Thu, 10 Aug 2023 00:56:56 GMT, Valerie Peng <valer...@openjdk.org> wrote:

> Starting NSS v3.91, SHA-3 support is added for MessageDigest but not for PSS 
> Signature. This breaks existing test assumptions made by PSS regression 
> tests. In addition, the NSS SHA-3 message digests do not support cloning 
> which causes the failure of TestCloning.java.
> 
> This PR adds a PSSUtil.java class which provides utility method for 
> detecting/guessing whether a digest algorithm is valid for PSS signature or 
> not.
> 
> The changes are verified with NSS v3.46, v3.57 and v3.91 (on local Linux 
> machine).
> 
> Thanks in advance for review~

Marked as reviewed by ssahoo (Committer).

test/jdk/sun/security/pkcs11/PSSUtil.java line 45:

> 43:     public static boolean isSignatureSupported(Provider p) {
> 44:         try {
> 45:             Signature.getInstance("RSASSA-PSS", p);

It can use the SIGALG constant name.

-------------

PR Review: https://git.openjdk.org/jdk/pull/15217#pullrequestreview-1571040058
PR Review Comment: https://git.openjdk.org/jdk/pull/15217#discussion_r1289565434

Reply via email to