On Wed, 12 Jul 2023 16:58:20 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> This change refactors the RSAPadding class to return an output record >> containing the status instead of relying on exception object to indicate a >> failure. >> >> Thanks in advance for review~ >> Valerie > > src/java.base/share/classes/sun/security/rsa/RSASignature.java line 217: > >> 215: byte[] digest = getDigestValue(); >> 216: byte[] decrypted = RSACore.rsa(sigBytes, publicKey); >> 217: RSAPadding.Output po = padding.unpad(decrypted); > > In case you are already here, what if comparing the padded/encoded result, > without use unpad() any longer? I meant to follow the spec as described in > RFC8017#section-8.2.2: encode the `decryped` bytes and then compare the > result with the `digest` bytes. Ok, I can switch to this approach. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/14839#discussion_r1261612766