On Tue, 11 Jul 2023 23:19:40 GMT, Valerie Peng <valer...@openjdk.org> wrote:
> This change refactors the RSAPadding class to return an output record
> containing the status instead of relying on exception object to indicate a
> failure.
>
> Thanks in advance for review~
> Valerie
Changes requested by xuelei (Reviewer).
src/java.base/share/classes/sun/security/rsa/RSAPadding.java line 372:
> 370: return Output.FAIL;
> 371: } else {
> 372: return Output.pass(data);
The Output.pass(byte[]) will create a new instance and thus make the behavior
detectable. Maybe, the Output class is not necessary, 'null' value return
could be used instead.
- if (bp) {
- return Output.FAIL;
- } else {
- return Output.pass(data);
+ return bp ? null : data;
src/java.base/share/classes/sun/security/rsa/RSASignature.java line 217:
> 215: byte[] digest = getDigestValue();
> 216: byte[] decrypted = RSACore.rsa(sigBytes, publicKey);
> 217: RSAPadding.Output po = padding.unpad(decrypted);
In case you are already here, what if comparing the padded/encoded result,
without use unpad() any longer? I meant to follow the spec as described in
RFC8017#section-8.2.2: encode the `decryped` bytes and then compare the result
with the `digest` bytes.
-------------
PR Review: https://git.openjdk.org/jdk/pull/14839#pullrequestreview-1526794400
PR Review Comment: https://git.openjdk.org/jdk/pull/14839#discussion_r1261451456
PR Review Comment: https://git.openjdk.org/jdk/pull/14839#discussion_r1261463911
