Open space88man opened 3 years ago
Post-JDK8u242 the implementation of PKCS10.encodeAndSign()
has changed, it now calls Signature.getParameters()
which in turn in calls engineGetParameters()
.
The SunEC implementation returns null
; both Conscrypt and BouncyCastle throw UnsupportedOperationException
.
Newer keytool (
sun.security.tools.keytool.Main
) in JDK8u > 242, and JDK11 callsSignature.getParameters()
fromPKCS10.encodeAndSign()
and the Conscrypt provider throwsUnsupportedOperationException
.Possibly Conscrypt should return
null
, like SunEC, and recommended in the docs, https://docs.oracle.com/javase/8/docs/api/java/security/Signature.html.Tested on Fedora 32 with: