On Thu, 10 Aug 2023 05:23:38 GMT, Sibabrata Sahoo <[email protected]> wrote:
>> Starting NSS v3.91, SHA-3 support is added for MessageDigest but not for PSS
>> Signature. This breaks existing test assumptions made by PSS regression
>> tests. In addition, the NSS SHA-3 message digests do not support cloning
>> which causes the failure of TestCloning.java.
>>
>> This PR adds a PSSUtil.java class which provides utility method for
>> detecting/guessing whether a digest algorithm is valid for PSS signature or
>> not.
>>
>> The changes are verified with NSS v3.46, v3.57 and v3.91 (on local Linux
>> machine).
>>
>> Thanks in advance for review~
>
> test/jdk/sun/security/pkcs11/PSSUtil.java line 45:
>
>> 43: public static boolean isSignatureSupported(Provider p) {
>> 44: try {
>> 45: Signature.getInstance("RSASSA-PSS", p);
>
> It can use the SIGALG constant name.
Sure
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15217#discussion_r1290461034